{"vulnerability": "CVE-2024-2029", "sightings": [{"uuid": "20bdfa8e-86fb-427b-b17e-0dc8e124fc51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20296", "type": "seen", "source": "https://t.me/kasperskyb2b/1343", "content": "\ud83d\udd25 10 CVE \u043e\u0442 Cisco, \u043e\u0434\u043d\u0430 \u0441 CVSS 10\n\nCisco Patch Wednesday \u043f\u0440\u043e\u0448\u0451\u043b \u0441 \u043e\u0433\u043e\u043d\u044c\u043a\u043e\u043c \u2014 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u043e 10 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439, \u0432 \u0442\u043e\u043c \u0447\u0438\u0441\u043b\u0435 \u0434\u0432\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445.\n\n\u0425\u0435\u0434\u043b\u0430\u0439\u043d\u0435\u0440\u043e\u043c \u0431\u044e\u043b\u043b\u0435\u0442\u0435\u043d\u044f \u043f\u0440\u0438\u0437\u043d\u0430\u0435\u043c CVE-2024-20401 \u0441 CVSS 9.8, \u044d\u0442\u043e \u0434\u0435\u0444\u0435\u043a\u0442 \u0432 Secure Email Gateway, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0449\u0438\u0439 \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0435 \u0444\u0430\u0439\u043b\u044b. \u0410\u0442\u0430\u043a\u0443\u044e\u0449\u0438\u0439, \u043f\u0440\u0438\u0441\u043b\u0430\u0432\u0448\u0438\u0439 \u043f\u0438\u0441\u044c\u043c\u043e \u0441\u043e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043a\u043e\u043d\u0441\u0442\u0440\u0443\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c\u0438 \u0432\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c\u0438, \u043c\u043e\u0436\u0435\u0442 \u043f\u0435\u0440\u0435\u0437\u0430\u043f\u0438\u0441\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044f \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434, \u0434\u043e\u0431\u0430\u0432\u043b\u044f\u044f root-\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u043c\u0435\u043d\u044f\u044f \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438\u043b\u0438 \u0432\u044b\u0437\u044b\u0432\u0430\u044f DoS. \u0414\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e, \u0447\u0442\u043e\u0431\u044b \u043d\u0430 \u0448\u043b\u044e\u0437\u0435 \u0431\u044b\u043b\u0438 \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u044b \u043a\u043e\u043d\u0442\u0435\u043d\u0442-\u0444\u0438\u043b\u044c\u0442\u0440 \u0438\u043b\u0438 \u0430\u043d\u0430\u043b\u0438\u0437\u0430\u0442\u043e\u0440 \u0444\u0430\u0439\u043b\u043e\u0432, \u044f\u0432\u043b\u044f\u044e\u0449\u0438\u0439\u0441\u044f \u0447\u0430\u0441\u0442\u044c\u044e Cisco Advanced Malware Protection. \ud83e\udd2a\n\u041a\u043e\u043c\u043f\u0435\u043d\u0441\u0438\u0440\u0443\u044e\u0449\u0438\u0445 \u043c\u0435\u0440 \u043d\u0435 \u043f\u0440\u0435\u0434\u0443\u0441\u043c\u043e\u0442\u0440\u0435\u043d\u043e, \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b, \u0440\u0435\u0430\u043b\u044c\u043d\u043e\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043d\u0435 \u0431\u044b\u043b\u043e \u2014 \u043f\u043e\u043a\u0430.\n\n\u0414\u0435\u0444\u0435\u043a\u0442 \u0441\u043e \u0441\u043a\u0440\u043e\u043c\u043d\u044b\u043c CVSS 10 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d \u0432 Smart Software Manager On-Prem, \u043c\u043e\u0434\u0443\u043b\u0435 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043b\u0438\u0446\u0435\u043d\u0437\u0438\u044f\u043c\u0438 \u043d\u0430 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b Cisco.  CVE-2024-20419 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u043f\u0430\u0440\u043e\u043b\u044c \u043b\u044e\u0431\u043e\u0433\u043e \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0438 \u0437\u0430\u0439\u0442\u0438 \u0432 web UI \u0438\u043b\u0438 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f API \u0441 \u0435\u0433\u043e \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430\u0441\u044c, \u0438, \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u0441\u043f\u0435\u0446\u0438\u0444\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043f\u0440\u0438\u0440\u043e\u0434\u0443 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430, \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e \u0438 \u043d\u0435 \u0431\u0443\u0434\u0435\u0442. \u0413\u0438\u043f\u043e\u0442\u0435\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u043c\u0438 \u0434\u0435\u043b\u044f\u0442\u0441\u044f \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0438-\u0441\u0435\u0442\u0435\u0432\u0438\u043a\u0438 \u2014 \u044d\u0442\u043e DoS \u043f\u0443\u0442\u0451\u043c \u0434\u0435\u0430\u043a\u0442\u0438\u0432\u0430\u0446\u0438\u0438 \u043b\u0438\u0446\u0435\u043d\u0437\u0438\u0439, \u043d\u043e \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f, \u0447\u0442\u043e \u0434\u0430\u0436\u0435 \u0431\u0435\u0437 \u043b\u0438\u0446\u0435\u043d\u0437\u0438\u0438 \u043e\u0431\u043e\u0440\u0443\u0434\u043e\u0432\u0430\u043d\u0438\u0435 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0432\u0440\u0435\u043c\u044f \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u0442 \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c, \u044d\u0442\u043e \u043e\u0442\u043d\u043e\u0441\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u043c\u0435\u0434\u043b\u0435\u043d\u043d\u0430\u044f \u0430\u0442\u0430\u043a\u0430.\n\n\u0422\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0432\u0430\u0436\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f BlastRADIUS (CVE-2024-3596), \u0443\u0441\u0442\u0440\u0430\u043d\u0451\u043d \u0434\u0435\u0444\u0435\u043a\u0442 \u0441 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u0435\u043c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0432 Secure Web Appliance (CVE-2024-20435) \u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441 \u0437\u0430\u0433\u0440\u0443\u0437\u043a\u043e\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u0432 Identity Services Engine (CVE-2024-20296).\n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 #\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 #Cisco @\u041f2\u0422", "creation_timestamp": "2024-07-18T11:16:31.000000Z"}, {"uuid": "63759590-760d-4f21-9b67-613b7343408c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2029", "type": "published-proof-of-concept", "source": "https://github.com/google/tsunami-security-scanner-plugins/tree/master/community/detectors/localai_cve_2024_2029", "content": "", "creation_timestamp": "2025-07-21T18:57:10.000000Z"}, {"uuid": "4f77e602-8b9a-4038-8937-1fef8181cd36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20291", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6712", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-20291-POC exploit ---&gt; RCE\nURL\uff1ahttps://github.com/greandfather/CVE-2024-20291-POC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-03-03T00:10:00.000000Z"}, {"uuid": "43353785-25f6-40f0-a79b-72e4b1c58227", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20290", "type": "seen", "source": "https://t.me/itsec_news/4100", "content": "\u200b\u26a1\ufe0fClamAV 1.3.0: \u043d\u043e\u0432\u0430\u044f \u0432\u0435\u0440\u0441\u0438\u044f \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u0430 \u043e\u0442 Cisco \u0441 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 OneNote \u0438 Haiku\n\n\ud83d\udcac \u041f\u043e\u0441\u043b\u0435 6 \u043c\u0435\u0441\u044f\u0446\u0435\u0432 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u0438, Cisco \u0430\u043d\u043e\u043d\u0441\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u0440\u0435\u043b\u0438\u0437 \u043d\u043e\u0432\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 \u0441\u0432\u043e\u0435\u0433\u043e \u0431\u0435\u0441\u043f\u043b\u0430\u0442\u043d\u043e\u0433\u043e \u0430\u043d\u0442\u0438\u0432\u0438\u0440\u0443\u0441\u0430 ClamAV 1.3.0, \u0441\u0442\u0430\u0432\u0448\u0435\u0433\u043e \u0447\u0430\u0441\u0442\u044c\u044e Cisco \u043f\u043e\u0441\u043b\u0435 \u043f\u0440\u0438\u043e\u0431\u0440\u0435\u0442\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0435\u0439 Sourcefire \u0432 2013 \u0433\u043e\u0434\u0443, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u043d\u0438\u043c\u0430\u043b\u0430\u0441\u044c \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u043a\u043e\u0439 ClamAV \u0438 Snort. \u041f\u043e\u043c\u0438\u043c\u043e \u0441\u0442\u0430\u0431\u0438\u043b\u044c\u043d\u043e\u0439 \u0432\u0435\u0440\u0441\u0438\u0438 ClamAV 1.3.0 \u0442\u0430\u043a\u0436\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u044b \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 1.2.2 \u0438 1.0.5. \u0412\u043e\u0442 \u043a\u043b\u044e\u0447\u0435\u0432\u044b\u0435 \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u0438\u044f \u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f, \u0432\u043d\u0435\u0441\u0435\u043d\u043d\u044b\u0435 \u0432 \u043d\u043e\u0432\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438:\n\n\u0412\u0435\u0440\u0441\u0438\u044f 1.3.0:\n\n\u0414\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0430 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 \u0438\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u044f \u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0432\u043b\u043e\u0436\u0435\u043d\u0438\u0439 \u0432 \u0444\u0430\u0439\u043b\u0430\u0445 Microsoft OneNote. \u0424\u0443\u043d\u043a\u0446\u0438\u044f \u0432\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e, \u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0430 \u0447\u0435\u0440\u0435\u0437 \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u0443\u044e \u0441\u0442\u0440\u043e\u043a\u0443, \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0439 \u0444\u0430\u0439\u043b clamd.conf, \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 libclamav \u0438\u043b\u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u0432 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438 daily.cfg.\n\u0423\u043b\u0443\u0447\u0448\u0435\u043d\u0430 \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u0438\u043c\u043e\u0441\u0442\u044c \u0441 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u043e\u0439 Haiku (BeOS-\u043f\u043e\u0434\u043e\u0431\u043d\u0430\u044f).\nClamD \u043f\u0440\u043e\u0432\u0435\u0440\u044f\u0435\u0442 \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u043e\u0439 \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e\u0439 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u0438 \u043f\u0440\u0438 \u0437\u0430\u043f\u0443\u0441\u043a\u0435, \u0432\u044b\u0432\u043e\u0434\u044f \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u043e\u0431 \u043e\u0448\u0438\u0431\u043a\u0435 \u0438 \u0437\u0430\u0432\u0435\u0440\u0448\u0430\u044f \u0440\u0430\u0431\u043e\u0442\u0443 \u0441 \u043a\u043e\u0434\u043e\u043c \u0432\u044b\u0445\u043e\u0434\u0430 1 \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 \u0435\u0451 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u044f.\n\u0420\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u043d\u0430\u044f \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 \u0441\u0442\u0430\u0442\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0431\u0438\u0431\u043b\u0438\u043e\u0442\u0435\u043a \u043f\u0440\u0438 \u0441\u0431\u043e\u0440\u043a\u0435 \u0441 CMake, \u0432\u043a\u043b\u044e\u0447\u0430\u044f libclamavrust, libclammspack, libclamunrariface, \u0438 libclamunrar.\n\u0414\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u043e \u0440\u0430\u0441\u043f\u043e\u0437\u043d\u0430\u0432\u0430\u043d\u0438\u0435 \u0442\u0438\u043f\u0430 \u0444\u0430\u0439\u043b\u043e\u0432 \u0434\u043b\u044f \u0441\u043a\u043e\u043c\u043f\u0438\u043b\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 Python (.pyc) \u0444\u0430\u0439\u043b\u043e\u0432, \u0443\u043b\u0443\u0447\u0448\u0430\u044f \u0442\u0438\u043f\u0438\u0437\u0430\u0446\u0438\u044e \u0434\u0430\u043d\u043d\u044b\u0445 \u043f\u0440\u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438.\n\u0423\u043b\u0443\u0447\u0448\u0435\u043d\u0430 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430 \u0434\u0435\u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u0438\u044f PDF-\u0444\u0430\u0439\u043b\u043e\u0432 \u0441 \u043f\u0443\u0441\u0442\u044b\u043c\u0438 \u043f\u0430\u0440\u043e\u043b\u044f\u043c\u0438.\n\u0420\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0435 \u043c\u0435\u043b\u043a\u0438\u0435 \u0443\u043b\u0443\u0447\u0448\u0435\u043d\u0438\u044f \u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u043f\u0435\u0447\u0430\u0442\u043e\u043a.\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0448\u0438\u0431\u043e\u043a, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044f \u043f\u0440\u0438 \u0441\u043a\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0445 HTML-\u0444\u0430\u0439\u043b\u043e\u0432, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0432\u0435\u0447\u043d\u043e\u0433\u043e \u0446\u0438\u043a\u043b\u0430 \u0432 ClamOnAcc \u043f\u0440\u0438 \u043e\u0442\u0441\u0443\u0442\u0441\u0442\u0432\u0438\u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u0438\u0438 \u0438 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0433\u043e \u0441\u0431\u043e\u044f \u043f\u0440\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0435 VBA-\u0444\u0430\u0439\u043b\u043e\u0432 \u043d\u0430 HP-UX/IA 64bit.\n\u0412\u0435\u0440\u0441\u0438\u0438 1.2.2 \u0438 1.0.5:\n\nCVE-2024-20290: \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u0443\u0447\u0438 (Heap Overflow) \u0432 \u0430\u043d\u0430\u043b\u0438\u0437\u0430\u0442\u043e\u0440\u0435 \u0444\u0430\u0439\u043b\u043e\u0432 OLE2, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0433\u043b\u0430 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0441\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u044e \u043e\u0442\u043a\u0430\u0437\u0430 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438 (Denial of Service, DoS).\nCVE-2024-20328: \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u044e VirusEvent \u0441\u043b\u0443\u0436\u0431\u044b ClamD. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430 \u0447\u0435\u0440\u0435\u0437 \u043e\u0442\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 \u0432 VirusEvent \u043f\u0430\u0440\u0430\u043c\u0435\u0442\u0440\u0430 \u0444\u043e\u0440\u043c\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0442\u0440\u043e\u043a\u0438 '%f', \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u043c\u0435\u043d\u044f\u043b\u0441\u044f \u043d\u0430 \u0438\u043c\u044f \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430.\n\u041d\u043e\u0432\u044b\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0434\u043b\u044f \u0441\u043a\u0430\u0447\u0438\u0432\u0430\u043d\u0438\u044f \u043d\u0430 \u043e\u0444\u0438\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435 ClamAV, \u043d\u0430 \u0441\u0442\u0440\u0430\u043d\u0438\u0446\u0435 \u0440\u0435\u043b\u0438\u0437\u043e\u0432 GitHub \u0438 \u0447\u0435\u0440\u0435\u0437 Docker Hub, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043e\u0431\u0440\u0430\u0437\u044b \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 Alpine \u0438 Debian \u0434\u043b\u044f \u043c\u0443\u043b\u044c\u0442\u0438\u0430\u0440\u0445\u0438\u0432\u043d\u044b\u0445 \u043e\u0431\u0440\u0430\u0437\u043e\u0432.\n\n\ud83d\udd14 ITsec NEWS", "creation_timestamp": "2024-02-09T17:21:56.000000Z"}, {"uuid": "066fe629-f064-4562-bb69-b4108f05fca6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20299", "type": "seen", "source": "https://t.me/cvedetector/8735", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20299 - Cisco ASA/FTD AnyConnect Remote ACL Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-20299 \nPublished : Oct. 23, 2024, 5:15 p.m. | 33\u00a0minutes ago \nDescription : A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device. This vulnerability is due to a logic error in populating group ACLs when an AnyConnect client establishes a new session toward an affected device. An attacker could exploit this vulnerability by establishing an AnyConnect connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules. \nSeverity: 5.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T19:54:36.000000Z"}, {"uuid": "f72e5d20-faa6-4563-85c5-ccb642fb1c9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20298", "type": "seen", "source": "https://t.me/cvedetector/8739", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20298 - Cisco Firepower Management Center XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-20298 \nPublished : Oct. 23, 2024, 5:15 p.m. | 33\u00a0minutes ago \nDescription : A vulnerability in the web-based management interface of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker to conduct a cross-site scripting (XSS) attack against a user of the interface of an affected device. This vulnerability is due to insufficient validation of user-supplied input by the web-based management interface. An attacker could exploit this vulnerability by inserting crafted input into various data fields in an affected interface. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface, or access sensitive, browser-based information. \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T19:54:42.000000Z"}, {"uuid": "abe82e19-a471-4567-b96e-17a5a141f321", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20297", "type": "seen", "source": "https://t.me/cvedetector/8738", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20297 - Cisco AnyConnect Firewall Group ACL Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-20297 \nPublished : Oct. 23, 2024, 5:15 p.m. | 33\u00a0minutes ago \nDescription : A vulnerability in the AnyConnect firewall for Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to bypass a configured access control list (ACL) and allow traffic that should have been denied to flow through an affected device. This vulnerability is due to a logic error in populating group ACLs when an AnyConnect client establishes a new session toward an affected device. An attacker could exploit this vulnerability by establishing an AnyConnect connection to the affected device. A successful exploit could allow the attacker to bypass configured ACL rules. \nSeverity: 5.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T19:54:41.000000Z"}, {"uuid": "5a14d803-f37b-4edc-b365-3abca210cf34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20296", "type": "seen", "source": "https://t.me/cvedetector/1110", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-20296 - \"Cisco ISE Arbitrary File Upload Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-20296 \nPublished : July 17, 2024, 5:15 p.m. | 36\u00a0minutes ago \nDescription : A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to upload arbitrary files to an affected device. To exploit this vulnerability, an attacker would need at least valid Policy Admin credentials on the affected device.  \n  \n This vulnerability is due to improper validation of files that are uploaded to the web-based management interface. An attacker could exploit this vulnerability by uploading arbitrary files to an affected device. A successful exploit could allow the attacker to store malicious files on the system, execute arbitrary commands on the operating system, and elevate privileges to root. \nSeverity: 4.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T19:53:57.000000Z"}, {"uuid": "4561b966-bea0-4d8b-a17e-bb21896f1307", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20290", "type": "seen", "source": "https://t.me/ctinow/180882", "content": "https://ift.tt/NTPbZuA\nCVE-2024-20290", "creation_timestamp": "2024-02-07T18:32:23.000000Z"}, {"uuid": "c1ffcf3d-0d66-4a96-b340-fd51ce704198", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20292", "type": "seen", "source": "https://t.me/arpsyndicate/4147", "content": "#ExploitObserverAlert\n\nCVE-2024-20292\n\nDESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-20292. A vulnerability in the logging component of Cisco Duo Authentication for Windows Logon and RDP could allow an authenticated, local attacker to view sensitive information in clear text on an affected system.   This vulnerability is due to improper storage of an unencrypted registry key in certain logs. An attacker could exploit this vulnerability by accessing the logs on an affected system. A successful exploit could allow the attacker to view sensitive information in clear text.\n\nFIRST-EPSS: 0.000430000", "creation_timestamp": "2024-03-08T02:25:08.000000Z"}, {"uuid": "80070b67-7503-4a76-982c-08a8b9231f15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20290", "type": "seen", "source": "https://t.me/ctinow/198302", "content": "https://ift.tt/tjiqI2y\nCVE-2024-20290 | ClamAV up to 1.0.4/1.1/1.2.1 OLE2 File Parser heap-based overflow (FEDORA-2024-3439911df6)", "creation_timestamp": "2024-03-02T10:11:58.000000Z"}, {"uuid": "4fb4f887-d02d-45a6-85db-8622c7e17b4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20290", "type": "seen", "source": "https://t.me/ctinow/197989", "content": "https://ift.tt/J8d3ZAg\nCVE-2024-20290 | Cisco Secure Endpoint ClamAV buffer over-read (cisco-sa-clamav-hDffu6t)", "creation_timestamp": "2024-03-01T21:16:40.000000Z"}, {"uuid": "a0ec2185-1bd1-4d76-8b5d-d98c42f0ec58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2029", "type": "seen", "source": "https://t.me/arpsyndicate/4526", "content": "#ExploitObserverAlert\n\nCVE-2024-2029\n\nDESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-2029. A command injection vulnerability exists in the `TranscriptEndpoint` of mudler/localai, specifically within the `audioToWav` function used for converting audio files to WAV format for transcription. The vulnerability arises due to the lack of sanitization of user-supplied filenames before passing them to ffmpeg via a shell command, allowing an attacker to execute arbitrary commands on the host system. Successful exploitation could lead to unauthorized access, data breaches, or other detrimental impacts, depending on the privileges of the process executing the code.\n\nFIRST-EPSS: 0.000430000\nARPS-EXPLOITABILITY: 0.5780347", "creation_timestamp": "2024-04-12T05:26:43.000000Z"}, {"uuid": "c37b9cdb-c454-484c-90e2-cbd569dd57be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20295", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/5651", "content": "Cisco \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442 \u043e\u0431 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432 Cisco IMC, \u0434\u043b\u044f \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0432\u044b\u043f\u0443\u0449\u0435\u043d \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0439 PoC.\n\nCisco IMC \u2014 \u044d\u0442\u043e \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u043b\u0435\u0440 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0441\u043d\u043e\u0432\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u043e\u0439 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 UCS C-Series Rack \u0438 UCS S-Series Storage, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0439 \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u043e\u0432, \u0432\u043a\u043b\u044e\u0447\u0430\u044f XML API, WebUI \u0438 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441 \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0438 (CLI).\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0435 \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0438 Cisco IMC \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443, \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0435\u043c\u0443 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0430\u0442\u0430\u043a\u0438 \u043f\u0443\u0442\u0435\u043c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u0432 \u0431\u0430\u0437\u043e\u0432\u0443\u044e \u041e\u0421 \u0438 \u043f\u043e\u0432\u044b\u0441\u0438\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0434\u043e \u0443\u0440\u043e\u0432\u043d\u044f root.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0434\u043e\u043b\u0436\u0435\u043d \u0438\u043c\u0435\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0442\u043e\u043b\u044c\u043a\u043e \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f \u0438\u043b\u0438 \u0431\u043e\u043b\u0435\u0435 \u0432\u044b\u0441\u043e\u043a\u0438\u0435 \u043f\u0440\u0430\u0432\u0430 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\n\n\u041e\u0442\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0430\u044f \u043a\u0430\u043a CVE-2024-20295 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043e\u0431\u0443\u0441\u043b\u043e\u0432\u043b\u0435\u043d\u0430 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u043e\u0439 \u0432\u0432\u043e\u0434\u0438\u043c\u044b\u0445 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c \u0434\u0430\u043d\u043d\u044b\u0445, \u0435\u0435 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0445 \u043a\u043e\u043c\u0430\u043d\u0434 CLI \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u0430\u0442\u0430\u043a \u043d\u0438\u0437\u043a\u043e\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0435 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0432\u044b\u0447\u0438\u0441\u043b\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0435 \u0441\u0438\u0441\u0442\u0435\u043c\u044b (ENCS) \u0441\u0435\u0440\u0438\u0438 5000, Catalyst 8300 Series Edge uCPE, \u0430 \u0442\u0430\u043a\u0436\u0435 \u0441\u0435\u0440\u0432\u0435\u0440\u044b UCS \u0441\u0435\u0440\u0438\u0438 C \u0438 E.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0430\u0442\u0430\u043a\u0430\u043c \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d \u0438 \u043c\u043d\u043e\u0433\u0438\u0435 \u0434\u0440\u0443\u0433\u0438\u0435 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b, \u0435\u0441\u043b\u0438 \u043e\u043d\u0438 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043d\u044b \u043d\u0430 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u043c\u0443 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u0443 \u043a\u043e\u043c\u0430\u043d\u0434\u043d\u043e\u0439 \u0441\u0442\u0440\u043e\u043a\u0438 Cisco IMC.\n\nCisco PSIRT \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0434\u0438\u043b\u0430, \u0447\u0442\u043e PoC \u0443\u0436\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u0435\u043d, \u043d\u043e, \u043a \u0441\u0447\u0430\u0441\u0442\u044c\u044e, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0435\u0449\u0435 \u043d\u0435 \u043d\u0430\u0447\u0430\u043b\u0438 \u043d\u0430\u0446\u0435\u043b\u0438\u0432\u0430\u0442\u044c\u0441\u044f \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c. \u0412\u043e \u0432\u0441\u044f\u043a\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435\u043d \u043f\u043e\u043a\u0430.\n\n\u0422\u0430\u043a \u0447\u0442\u043e \u0431\u0443\u0434\u0435\u043c \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c.", "creation_timestamp": "2024-04-18T11:08:28.000000Z"}, {"uuid": "ff467afc-ce88-454a-aec0-48c028a10d12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-20291", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10085", "content": "#exploit\n1. CVE-2024-20291:\nCisco NX-OS Port Channel ACL access control\nhttps://github.com/greandfather/CVE-2024-20291-POC\n\n2. CVE-2023-22098:\nOracle VM VirtualBox 7.0.10 Escape\nhttps://github.com/google/security-research/tree/master/pocs/oracle/virtualbox/cve-2023-22098", "creation_timestamp": "2024-03-04T10:58:01.000000Z"}]}