{"vulnerability": "CVE-2024-2221", "sightings": [{"uuid": "d9b2e6f5-ccd5-45d8-b3e1-edaf4c1c7581", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22216", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18802", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-22216\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In default installations of Microchip maxView Storage Manager (for Adaptec Smart Storage Controllers) where Redfish server is configured for remote system management, unauthorized access can occur, with data modification and information disclosure. This affects 3.00.23484 through 4.14.00.26064 (except for the patched versions 3.07.23980 and 4.07.00.25339).\n\ud83d\udccf Published: 2024-01-08T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-18T16:54:35.287Z\n\ud83d\udd17 References:\n1. https://www.microchip.com/en-us/solutions/embedded-security/how-to-report-potential-product-security-vulnerabilities/maxview-storage-manager-redfish-server-vulnerability", "creation_timestamp": "2025-06-18T17:39:08.000000Z"}, {"uuid": "7a308dee-1109-4e75-8677-984079cbaeda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22218", "type": "seen", "source": "https://t.me/cvedetector/3269", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-22218 - Terminalfour XML JDBC XXE Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-22218 \nPublished : Aug. 15, 2024, 6:15 p.m. | 35\u00a0minutes ago \nDescription : XML External Entity (XXE) vulnerability in Terminalfour 8.0.0001 through 8.3.18 and XML JDBC versions up to 1.0.4 allows authenticated users to submit malicious XML via unspecified features which could lead to various actions such as accessing the underlying server, remote code execution (RCE), or performing Server-Side Request Forgery (SSRF) attacks. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-15T20:59:25.000000Z"}, {"uuid": "3ab60480-e09f-4d0f-8e0e-9fefd0142d62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22211", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/185954", "content": "https://ift.tt/bNDxKRQ\nCVE-2024-22211 | FreeRDP up to 2.11.4/3.1.x planar.c freerdp_bitmap_planar_context_reset heap-based overflow (GHSA-rjhp-44rv-7v59)", "creation_timestamp": "2024-02-15T23:02:26.000000Z"}, {"uuid": "e3a90d33-17f2-448c-8dac-40625e06a5f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22217", "type": "seen", "source": "https://t.me/cvedetector/3271", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-22217 - Terminalfour SSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-22217 \nPublished : Aug. 15, 2024, 6:15 p.m. | 35\u00a0minutes ago \nDescription : A Server-Side Request Forgery (SSRF) vulnerability in Terminalfour before 8.3.19 allows authenticated users to use specific features to access internal services including sensitive information on the server that Terminalfour runs on. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-15T20:59:27.000000Z"}, {"uuid": "3da13b47-6cf6-4d1e-bb3c-d17fdaff8f63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22219", "type": "seen", "source": "https://t.me/cvedetector/3270", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-22219 - Terminalfour XML External Entity (XXE) Injection\", \n  \"Content\": \"CVE ID : CVE-2024-22219 \nPublished : Aug. 15, 2024, 6:15 p.m. | 35\u00a0minutes ago \nDescription : XML External Entity (XXE) vulnerability in Terminalfour 8.0.0001 through 8.3.18 and XML JDBC versions up to 1.0.4 allows authenticated users to submit malicious XML via unspecified features which could lead to various actions such as accessing the underlying server, remote code execution (RCE), or performing Server-Side Request Forgery (SSRF) attacks. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-15T20:59:26.000000Z"}, {"uuid": "be531049-6a65-4d8e-8274-0a136cd14620", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2221", "type": "seen", "source": "https://t.me/arpsyndicate/4571", "content": "#ExploitObserverAlert\n\nCVE-2024-2221\n\nDESCRIPTION: Exploit Observer has 3 entries in 1 file formats related to CVE-2024-2221. qdrant/qdrant is vulnerable to a path traversal and arbitrary file upload vulnerability via the `/collections/{COLLECTION}/snapshots/upload` endpoint, specifically through the `snapshot` parameter. This vulnerability allows attackers to upload and overwrite any file on the filesystem, leading to potential remote code execution. This issue affects the integrity and availability of the system, enabling unauthorized access and potentially causing the server to malfunction.\n\nFIRST-EPSS: 0.000430000\nARPS-EXPLOITABILITY: 0.5780347", "creation_timestamp": "2024-04-12T09:02:54.000000Z"}, {"uuid": "b451ccd0-295e-4c53-9f42-fad6b1acbe87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22213", "type": "seen", "source": "https://t.me/ctinow/183118", "content": "https://ift.tt/k6H7OlK\nCVE-2024-22213 | NextCloud Deck up to 1.9.4/1.11.1 Organization cross site scripting (GHSA-mg7w-x9fm-9wwc)", "creation_timestamp": "2024-02-12T14:41:42.000000Z"}, {"uuid": "7cfc9a4c-f1b7-454d-a342-15effa6d7fe0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22212", "type": "seen", "source": "https://t.me/ctinow/183106", "content": "https://ift.tt/uZex6km\nCVE-2024-22212 | NextCloud Global Site Selector up to 1.4.0/2.1.1/2.3.3/2.4.4 authentication bypass (GHSA-vj5q-f63m-wp77)", "creation_timestamp": "2024-02-12T14:11:43.000000Z"}, {"uuid": "fae2e85f-f157-4269-b0c9-3bdb892c4ca9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22211", "type": "seen", "source": "https://t.me/ctinow/170994", "content": "https://ift.tt/4yAn0NP\nCVE-2024-22211", "creation_timestamp": "2024-01-22T06:51:52.000000Z"}, {"uuid": "bc27c596-bf3d-4e9c-bc96-b993d75bf2b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22213", "type": "seen", "source": "https://t.me/ctinow/173707", "content": "https://ift.tt/X0sdRqv\nCVE-2024-22213 Exploit", "creation_timestamp": "2024-01-25T19:16:35.000000Z"}, {"uuid": "0dae7f3a-fe43-4a46-819a-c9b0d9cccb4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22211", "type": "seen", "source": "https://t.me/ctinow/174536", "content": "https://ift.tt/8ucmWXO\nCVE-2024-22211 Exploit", "creation_timestamp": "2024-01-26T23:16:39.000000Z"}, {"uuid": "04101ea9-a796-4ec5-9b41-d2146f8016bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22216", "type": "seen", "source": "https://t.me/ctinow/173368", "content": "https://ift.tt/au2JtXR\nCVE-2024-22216 | Microchip maxView Storage Manager up to 4.14.00.26064 Redfish Server improper authorization", "creation_timestamp": "2024-01-25T10:46:07.000000Z"}, {"uuid": "23bf0086-d842-417a-ab89-9a049f8d9d22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22213", "type": "seen", "source": "https://t.me/ctinow/169942", "content": "https://ift.tt/3V8EOrZ\nCVE-2024-22213", "creation_timestamp": "2024-01-18T21:26:16.000000Z"}, {"uuid": "3fa289ad-04d7-48da-b52e-1cc68ef32c20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22212", "type": "seen", "source": "https://t.me/ctinow/169910", "content": "https://ift.tt/PSCq3ey\nCVE-2024-22212", "creation_timestamp": "2024-01-18T20:31:22.000000Z"}, {"uuid": "511c9242-1537-4a7b-9573-279fdc5e09bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22216", "type": "seen", "source": "https://t.me/ctinow/164228", "content": "https://ift.tt/VdiGqKL\nCVE-2024-22216", "creation_timestamp": "2024-01-08T08:21:27.000000Z"}]}