{"vulnerability": "CVE-2024-2567", "sightings": [{"uuid": "ecf2d1bf-bdbb-4ece-bfb0-ce3860674570", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25677", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18504", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-25677\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In Min before 1.31.0, local files are not correctly treated as unique security origins, which allows them to improperly request cross-origin resources. For example, a local file may request other local files through an XML document.\n\ud83d\udccf Published: 2024-02-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-16T18:12:14.109Z\n\ud83d\udd17 References:\n1. https://github.com/minbrowser/min/security/advisories/GHSA-4w9v-7h8h-rv8x", "creation_timestamp": "2025-06-16T18:38:59.000000Z"}, {"uuid": "5380d7f0-f913-4caf-8cda-7b28ed00fede", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25679", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18495", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-25679\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In PQUIC before 5bde5bb, retention of unused initial encryption keys allows attackers to disrupt a connection with a PSK configuration by sending a CONNECTION_CLOSE frame that is encrypted via the initial key computed. Network traffic sniffing is needed as part of exploitation.\n\ud83d\udccf Published: 2024-02-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-16T18:18:14.868Z\n\ud83d\udd17 References:\n1. https://www.rfc-editor.org/rfc/rfc9001#name-discarding-unused-keys\n2. https://github.com/p-quic/pquic/pull/39\n3. https://github.com/p-quic/pquic/issues/35", "creation_timestamp": "2025-06-16T18:38:43.000000Z"}, {"uuid": "09f82c03-892f-40ab-a1a5-50ae3fd66b61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25678", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19065", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-25678\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In LiteSpeed QUIC (LSQUIC) Library before 4.0.4, DCID validation is mishandled.\n\ud83d\udccf Published: 2024-02-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-20T20:26:13.694Z\n\ud83d\udd17 References:\n1. https://www.rfc-editor.org/rfc/rfc9001\n2. https://github.com/litespeedtech/lsquic/commit/515f453556c99d27c4dddb5424898dc1a5537708\n3. https://github.com/litespeedtech/lsquic/releases/tag/v4.0.4", "creation_timestamp": "2025-06-20T20:44:07.000000Z"}, {"uuid": "27a1f421-0859-4a51-9914-99a28f7ed68b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2567", "type": "seen", "source": "https://t.me/ctinow/210054", "content": "https://ift.tt/bTj3xOC\nCVE-2024-2567", "creation_timestamp": "2024-03-17T22:26:36.000000Z"}, {"uuid": "aa23df1d-5e72-45ff-8395-111b2d0c2385", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25673", "type": "seen", "source": "https://t.me/cvedetector/6071", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-25673 - Couchbase Server HTTP Host Header Injection\", \n  \"Content\": \"CVE ID : CVE-2024-25673 \nPublished : Sept. 19, 2024, 7:15 p.m. | 37\u00a0minutes ago \nDescription : Couchbase Server 7.6.x before 7.6.2, 7.2.x before 7.2.6, and all earlier versions allows HTTP Host header injection. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-19T22:00:45.000000Z"}, {"uuid": "1691b3bc-2a1a-4ab7-a448-ac835020cc6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25679", "type": "seen", "source": "https://t.me/arpsyndicate/3428", "content": "#ExploitObserverAlert\n\nCVE-2024-25679\n\nDESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-25679. In PQUIC before 5bde5bb, retention of unused initial encryption keys allows attackers to disrupt a connection with a PSK configuration by sending a CONNECTION_CLOSE frame that is encrypted via the initial key computed. Network traffic sniffing is needed as part of exploitation.\n\nFIRST-EPSS: 0.000450000", "creation_timestamp": "2024-02-11T15:48:05.000000Z"}, {"uuid": "84b70c28-bf69-4986-92c4-6d51a38a3d4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25678", "type": "seen", "source": "https://t.me/ctinow/198472", "content": "https://ift.tt/DVscKgW\nCVE-2024-25678 | LiteSpeed QUIC Library up to 4.0.3 DCID Privilege Escalation", "creation_timestamp": "2024-03-02T20:56:42.000000Z"}, {"uuid": "689eed68-eb48-4ae6-ae54-080cd6eada0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25679", "type": "seen", "source": "https://t.me/ctinow/198475", "content": "https://ift.tt/G9V3ycj\nCVE-2024-25679 | PQUIC PSK Configuration denial of service (Issue 35 / 5bde5bb)", "creation_timestamp": "2024-03-02T21:26:38.000000Z"}, {"uuid": "9a190301-f2f3-4493-b0c2-383da4bba5df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2567", "type": "seen", "source": "https://t.me/ctinow/210055", "content": "https://ift.tt/bTj3xOC\nCVE-2024-2567", "creation_timestamp": "2024-03-17T22:26:37.000000Z"}, {"uuid": "85acafd7-24a3-4909-ab78-b491d6238b2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25674", "type": "seen", "source": "https://t.me/ctinow/198471", "content": "https://ift.tt/dfFuOJc\nCVE-2024-25674 | MISP up to 2.4.183 Organisation Logo Upload unrestricted upload", "creation_timestamp": "2024-03-02T20:56:40.000000Z"}, {"uuid": "8c17a9a6-e3b2-4b00-8c62-8b8bbb33d3cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25677", "type": "seen", "source": "https://t.me/ctinow/198464", "content": "https://ift.tt/MRWHSNE\nCVE-2024-25677 | Min 1.29.0 XML Document unknown vulnerability (GHSA-4w9v-7h8h-rv8x)", "creation_timestamp": "2024-03-02T20:16:54.000000Z"}, {"uuid": "e41ec151-0359-4a61-93cc-066f97c08adf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25675", "type": "seen", "source": "https://t.me/ctinow/198463", "content": "https://ift.tt/xYBfMtw\nCVE-2024-25675 | MISP up to 2.4.183 Export Generation JobsController.php information disclosure", "creation_timestamp": "2024-03-02T20:16:53.000000Z"}, {"uuid": "5bdbc787-d45a-430e-899e-85b73543066c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25679", "type": "seen", "source": "https://t.me/ctinow/181964", "content": "https://ift.tt/eaKxjgy\nCVE-2024-25679", "creation_timestamp": "2024-02-09T11:31:53.000000Z"}, {"uuid": "e3e27646-e604-4065-bb03-3d124f6fd559", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25678", "type": "seen", "source": "https://t.me/ctinow/181963", "content": "https://ift.tt/qVk2Bbd\nCVE-2024-25678", "creation_timestamp": "2024-02-09T11:31:52.000000Z"}, {"uuid": "c9fce6b8-ce6a-40e1-8b7b-0962a2db88d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25677", "type": "seen", "source": "https://t.me/ctinow/181948", "content": "https://ift.tt/KUvSy62\nCVE-2024-25677", "creation_timestamp": "2024-02-09T10:31:16.000000Z"}, {"uuid": "169ad63b-b9dc-4087-8d24-f05621bf43f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25675", "type": "seen", "source": "https://t.me/ctinow/181947", "content": "https://ift.tt/h7ICJo0\nCVE-2024-25675", "creation_timestamp": "2024-02-09T10:31:15.000000Z"}, {"uuid": "cbd6e8be-ecc4-4aea-b0b3-57ba8c61833c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25674", "type": "seen", "source": "https://t.me/ctinow/181946", "content": "https://ift.tt/g6qc3M5\nCVE-2024-25674", "creation_timestamp": "2024-02-09T10:31:14.000000Z"}]}