{"vulnerability": "CVE-2024-3513", "sightings": [{"uuid": "564293c2-d787-4b59-b418-e8afaa372719", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35138", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113947567978978043", "content": "", "creation_timestamp": "2025-02-04T20:45:04.404707Z"}, {"uuid": "f05ac681-2fd5-485f-a53c-8bf0bc15edf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35138", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhey3pdwzb2t", "content": "", "creation_timestamp": "2025-02-04T21:15:50.061210Z"}, {"uuid": "4bf57cc5-a6e6-4d96-96fe-177bac26bee7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35134", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lglk743q7m2r", "content": "", "creation_timestamp": "2025-01-25T18:30:43.201096Z"}, {"uuid": "e4993094-3d61-4c03-99bf-d4c3a53db2e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35138", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhf3uvhmmb2y", "content": "", "creation_timestamp": "2025-02-04T22:23:37.692772Z"}, {"uuid": "4f5a92ca-4adf-43f9-acca-ff117bdc22a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35138", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5045", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-35138\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.\n\ud83d\udccf Published: 2025-02-04T20:38:34.306Z\n\ud83d\udccf Modified: 2025-02-22T16:44:58.520Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7182386", "creation_timestamp": "2025-02-22T17:19:20.000000Z"}, {"uuid": "e412b6df-cb20-433c-99ed-cecd6dd0a31b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35138", "type": "seen", "source": "https://t.me/cvedetector/17257", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-35138 - IBM Security Verify Access Appliance and Container CSRF\", \n  \"Content\": \"CVE ID : CVE-2024-35138 \nPublished : Feb. 4, 2025, 9:15 p.m. | 2\u00a0hours, 7\u00a0minutes ago \nDescription : IBM Security Verify Access Appliance and Container 10.0.0 through 10.0.8 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-05T00:46:03.000000Z"}, {"uuid": "add0ffeb-06bc-4e92-90a6-a35d9b967ecb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35134", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3088", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-35134\n\ud83d\udd39 Description: IBM Analytics Content Hub 2.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.\n\ud83d\udccf Published: 2025-01-25T14:05:45.345Z\n\ud83d\udccf Modified: 2025-01-25T14:05:45.345Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7172787", "creation_timestamp": "2025-01-25T15:05:07.000000Z"}, {"uuid": "3039a335-76cd-44b8-9165-c2d54faeefa6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35134", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3092", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-x4qv-h94m-pw9j\n\ud83d\udd25 CVSS Score: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N\n\ud83d\udd39 Description: IBM Analytics Content Hub 2.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system.\n\ud83d\udccf Published: 2025-01-25T15:30:31Z\n\ud83d\udccf Modified: 2025-01-25T15:30:31Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-35134\n2. https://www.ibm.com/support/pages/node/7172787", "creation_timestamp": "2025-01-25T17:06:06.000000Z"}, {"uuid": "5f6ffea5-9d9c-459f-b424-3b2823cf46db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35133", "type": "seen", "source": "https://t.me/cvedetector/4434", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-35133 - IBM Security Verify Access Phishing Redirect Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-35133 \nPublished : Aug. 29, 2024, 5:15 p.m. | 44\u00a0minutes ago \nDescription : IBM Security Verify Access 10.0.0 through 10.0.8 OIDC Provider could allow a remote attacker to conduct phishing attacks, using an open redirect attack. By persuading a victim to visit a specially crafted Web site, a remote attacker could exploit this vulnerability to spoof the URL displayed to redirect a user to a malicious Web site that would appear to be trusted. This could allow the attacker to obtain highly sensitive information or conduct further attacks against the victim. \nSeverity: 6.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-29T20:24:32.000000Z"}, {"uuid": "3881eed5-4134-4901-9445-8b2b80bed9fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35134", "type": "seen", "source": "https://t.me/cvedetector/16389", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-35134 - IBM Analytics Content Hub Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-35134 \nPublished : Jan. 25, 2025, 2:15 p.m. | 1\u00a0hour, 9\u00a0minutes ago \nDescription : IBM Analytics Content Hub 2.0 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-25T17:10:05.000000Z"}, {"uuid": "d235dd2d-5dc0-42ad-a5e6-4db3a35ea4bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-35136", "type": "seen", "source": "https://t.me/cvedetector/3194", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-35136 - IBM Db2 Federated Server Denial of Service (DoS)\", \n  \"Content\": \"CVE ID : CVE-2024-35136 \nPublished : Aug. 14, 2024, 6:15 p.m. | 28\u00a0minutes ago \nDescription : IBM Db2 for Linux, UNIX and Windows (includes DB2 Connect Server) federated server 10.5, 11.1, and 11.5 is vulnerable to denial of service with a specially crafted query under certain conditions.  IBM X-Force ID:  291307. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-14T20:44:30.000000Z"}]}