{"vulnerability": "CVE-2024-2631", "sightings": [{"uuid": "8f8711a8-e9ea-4b12-9319-18e7818af9ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-26317", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgqmj5dodi2q", "content": "", "creation_timestamp": "2025-01-27T18:55:21.560935Z"}, {"uuid": "245256cb-faf9-4117-bcf0-8597aa938eab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-26317", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113901498964076374", "content": "", "creation_timestamp": "2025-01-27T17:29:07.114579Z"}, {"uuid": "240d7127-c6db-4834-8705-64a1788dc743", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-26318", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8743", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-26318\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Serenity before 6.8.0 allows XSS via an email link because LoginPage.tsx permits return URLs that do not begin with a / character.\n\ud83d\udccf Published: 2024-02-19T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-25T18:43:15.151Z\n\ud83d\udd17 References:\n1. https://serenity.is/docs/release-notes/6.8.0", "creation_timestamp": "2025-03-25T19:24:56.000000Z"}, {"uuid": "1f01ec97-a87a-4c3c-a4d9-9ed2fb853db4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-26317", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgqkcsxqzq2i", "content": "", "creation_timestamp": "2025-01-27T18:16:01.321558Z"}, {"uuid": "d6e856fc-cfe6-4fb7-ada9-7a07d2bd7de8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-26314", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8448", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-26314\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Improper privilege management in Jungo WinDriver 6.0.0 through 16.1.0 allows local attackers to escalate privileges and execute arbitrary code.\n\ud83d\udccf Published: 2024-07-02T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-21T20:37:15.710Z\n\ud83d\udd17 References:\n1. https://jungo.com/windriver/versions/\n2. https://www.mitsubishielectric.com/en/psirt/vulnerability/pdf/2024-001_en.pdf\n3. https://www.cisa.gov/news-events/ics-advisories/icsa-24-135-04", "creation_timestamp": "2025-03-21T21:22:07.000000Z"}, {"uuid": "dbdf4aed-1b54-4393-a882-7c5c815b1d50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-26317", "type": "seen", "source": "https://t.me/cvedetector/16495", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-26317 - Illumos IPsec Elliptic Curve Point Addition Algorithm Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-26317 \nPublished : Jan. 27, 2025, 6:15 p.m. | 22\u00a0minutes ago \nDescription : In illumos illumos-gate 2024-02-15, an error occurs in the elliptic curve point addition algorithm that uses mixed Jacobian-affine coordinates, causing the algorithm to yield a result of POINT_AT_INFINITY when it should not. A man-in-the-middle attacker could use this to interfere with a connection, resulting in an attacked party computing an incorrect shared secret. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-27T20:11:29.000000Z"}, {"uuid": "c05c25e3-930d-43b2-b15d-78424d82c122", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2631", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9511", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-2631\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)\n\ud83d\udccf Published: 2024-03-20T17:06:45.472Z\n\ud83d\udccf Modified: 2025-03-28T23:53:50.051Z\n\ud83d\udd17 References:\n1. https://chromereleases.googleblog.com/2024/03/stable-channel-update-for-desktop_19.html\n2. https://issues.chromium.org/issues/41495878\n3. https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2D3Z6CRRN4J3IUZPJZVURGMRBN6WFPTU/\n4. https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/AQVVW4FLQDIJ2UABGXK2SMS5AUGT54FM/\n5. https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6JINDYFB3MPH43ECTI72BV63K4RXSG22/", "creation_timestamp": "2025-03-29T00:28:36.000000Z"}, {"uuid": "6feb390c-82e6-4262-b400-3528a9c7bcb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-26310", "type": "seen", "source": "https://t.me/ctinow/190090", "content": "https://ift.tt/4tf3KEo\nCVE-2024-26310", "creation_timestamp": "2024-02-21T21:31:54.000000Z"}, {"uuid": "2aed22aa-bea4-4987-8d3d-a63f355b1068", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-26310", "type": "seen", "source": "https://t.me/arpsyndicate/4073", "content": "#ExploitObserverAlert\n\nCVE-2024-26310\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-26310. Archer Platform 6.8 before 6.14 P2 (6.14.0.2) contains an improper access control vulnerability. A remote authenticated malicious user could potentially exploit this to gain access to API information that should only be accessible with extra privileges.", "creation_timestamp": "2024-02-22T22:17:07.000000Z"}, {"uuid": "ac754234-4d0c-43e7-b1a0-5a7c8ed7c828", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-26311", "type": "seen", "source": "https://t.me/arpsyndicate/4057", "content": "#ExploitObserverAlert\n\nCVE-2024-26311\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-26311. Archer Platform 6.x before 6.14 P2 HF1 (6.14.0.2.1) contains a reflected XSS vulnerability. A remote authenticated malicious Archer user could potentially exploit this by tricking a victim application user into supplying malicious JavaScript code to the vulnerable web application. This code is then reflected to the victim and gets executed by the web browser in the context of the vulnerable web application.", "creation_timestamp": "2024-02-22T21:27:18.000000Z"}, {"uuid": "d02da035-5638-4469-882a-f89dd62cdaee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-26311", "type": "seen", "source": "https://t.me/ctinow/206586", "content": "https://ift.tt/itl1hVP\nCVE-2024-26311 | Archer Platform up to 6.14 P2 cross site scripting", "creation_timestamp": "2024-03-13T11:41:11.000000Z"}, {"uuid": "96aa272a-a94c-45e9-a664-249eb742d6c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-26310", "type": "seen", "source": "https://t.me/ctinow/206556", "content": "https://ift.tt/cxONTnP\nCVE-2024-26310 | Archer Platform up to 6.14 P1 API access control", "creation_timestamp": "2024-03-13T11:11:32.000000Z"}, {"uuid": "6ec1d9aa-cea4-45ec-9c48-f592a0087d13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2631", "type": "seen", "source": "https://t.me/arpsyndicate/4421", "content": "#ExploitObserverAlert\n\nCVE-2024-2631\n\nDESCRIPTION: Exploit Observer has 24 entries in 5 file formats related to CVE-2024-2631. Inappropriate implementation in iOS in Google Chrome prior to 123.0.6312.58 allowed a remote attacker to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)\n\nFIRST-EPSS: 0.000450000\nNVD-IS: 1.4\nNVD-ES: 2.8", "creation_timestamp": "2024-04-09T20:55:19.000000Z"}, {"uuid": "90fbc11c-e426-460d-853d-5288089b0c7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-26318", "type": "seen", "source": "https://t.me/arpsyndicate/3550", "content": "#ExploitObserverAlert\n\nCVE-2024-26318\n\nDESCRIPTION: Exploit Observer has 1 entries in 1 file formats related to CVE-2024-26318. Serenity before 6.8.0 allows XSS via an email link because LoginPage.tsx permits return URLs that do not begin with a / character.\n\nFIRST-EPSS: 0.000430000", "creation_timestamp": "2024-02-20T05:22:20.000000Z"}, {"uuid": "25118eed-b43b-4a68-8315-6d1e2fe532c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-26311", "type": "seen", "source": "https://t.me/ctinow/190101", "content": "https://ift.tt/fpjGMRA\nCVE-2024-26311", "creation_timestamp": "2024-02-21T21:36:37.000000Z"}, {"uuid": "0bf9535d-c7aa-434c-8210-f5b8f91ba5b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-26310", "type": "seen", "source": "https://t.me/ctinow/190100", "content": "https://ift.tt/4tf3KEo\nCVE-2024-26310", "creation_timestamp": "2024-02-21T21:36:36.000000Z"}, {"uuid": "da2af202-ce35-4012-8045-70d1f1032eea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-26311", "type": "seen", "source": "https://t.me/ctinow/190091", "content": "https://ift.tt/fpjGMRA\nCVE-2024-26311", "creation_timestamp": "2024-02-21T21:31:55.000000Z"}, {"uuid": "83698c4a-2a2d-4e32-92f3-40e6335edca9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-26318", "type": "seen", "source": "https://t.me/ctinow/187450", "content": "https://ift.tt/ketFRm8\nCVE-2024-26318", "creation_timestamp": "2024-02-19T05:26:07.000000Z"}, {"uuid": "92a521a7-4e4d-4fbf-b673-bc1b8459dd61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-26318", "type": "seen", "source": "https://t.me/ctinow/187449", "content": "https://ift.tt/ketFRm8\nCVE-2024-26318", "creation_timestamp": "2024-02-19T05:21:16.000000Z"}]}