{"vulnerability": "CVE-2024-2187", "sightings": [{"uuid": "639425e7-fdec-499d-8ed3-207cb5db8c2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21876", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lk4ccqmz7r2u", "content": "", "creation_timestamp": "2025-03-11T14:40:20.738689Z"}, {"uuid": "abfaa2e3-199d-4bdf-a8f6-9705c247e0f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21875", "type": "seen", "source": "https://t.me/arpsyndicate/3520", "content": "#ExploitObserverAlert\n\nCVE-2024-21875\n\nDESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-21875. Allocation of Resources Without Limits or Throttling vulnerability in Badge leading to a denial of service attack.Team Hacker Hotel Badge 2024 on risc-v (billboard modules) allows Flooding.This issue affects Hacker Hotel Badge 2024: from 0.1.0 through 0.1.3.\n\nFIRST-EPSS: 0.000430000", "creation_timestamp": "2024-02-13T02:24:01.000000Z"}, {"uuid": "c2c03c1c-3d8f-488a-a3a2-dd3e7e92a558", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21875", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/910", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-21875\n\ud83d\udd39 Description: Allocation of Resources Without Limits or Throttling vulnerability in Badge leading to a denial of service attack.Team Hacker Hotel Badge 2024 on risc-v (billboard modules) allows Flooding.This issue affects Hacker Hotel Badge 2024: from 0.1.0 through 0.1.3.\n\ud83d\udccf Published: 2024-02-11T08:37:10.098Z\n\ud83d\udccf Modified: 2025-01-09T07:56:47.539Z\n\ud83d\udd17 References:\n1. https://csirt.divd.nl/CVE-2024-21875\n2. https://github.com/badgeteam/hackerhotel-2024-firmware-esp32c6/pull/64", "creation_timestamp": "2025-01-09T08:15:23.000000Z"}, {"uuid": "c0272189-6759-46a7-81a3-b9ce20715f65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21871", "type": "seen", "source": "https://t.me/cvedetector/5745", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-21871 - Intel UEFI Firmware Escalation of Privilege\", \n  \"Content\": \"CVE ID : CVE-2024-21871 \nPublished : Sept. 16, 2024, 5:16 p.m. | 14\u00a0minutes ago \nDescription : Improper input validation in UEFI firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-16T19:32:37.000000Z"}, {"uuid": "1d4789c5-522f-4bdf-b7d7-087b316d5c8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21875", "type": "seen", "source": "https://t.me/ctinow/182735", "content": "https://ift.tt/EtNdZfA\nCVE-2024-21875", "creation_timestamp": "2024-02-11T10:21:46.000000Z"}, {"uuid": "f04630f5-33c9-4701-93a8-f6575c74dbe0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2187", "type": "seen", "source": "https://t.me/arpsyndicate/4514", "content": "#ExploitObserverAlert\n\nCVE-2024-2187\n\nDESCRIPTION: Exploit Observer has 4 entries in 1 file formats related to CVE-2024-2187. The Beaver Builder Addons by WPZOOM plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Testimonials widget in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\nFIRST-EPSS: 0.000430000", "creation_timestamp": "2024-04-11T11:18:03.000000Z"}]}