{"vulnerability": "CVE-2024-3651", "sightings": [{"uuid": "5d25b12d-b261-4ada-96b3-3b016757c7c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36513", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113471621703891497", "content": "", "creation_timestamp": "2024-11-12T19:25:41.159163Z"}, {"uuid": "88bd9e7e-dc16-4748-b93f-dccf976b6480", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36512", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113827247227062238", "content": "", "creation_timestamp": "2025-01-14T14:45:55.526324Z"}, {"uuid": "caec9e00-bf71-433b-af60-0b5a37ef7a83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36512", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpgvrgm342j", "content": "", "creation_timestamp": "2025-01-14T14:17:10.870341Z"}, {"uuid": "278d324b-64c9-4de3-a583-35761d83e135", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36512", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113827355879730690", "content": "", "creation_timestamp": "2025-01-14T15:13:33.794689Z"}, {"uuid": "7ab03d9c-153f-41f7-a4d1-1a8d050e2b32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36510", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113827414180276520", "content": "", "creation_timestamp": "2025-01-14T15:28:22.976791Z"}, {"uuid": "b696e9a3-c5b9-4ac0-b702-0c5b1ee855d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36512", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113827414195850452", "content": "", "creation_timestamp": "2025-01-14T15:28:23.334539Z"}, {"uuid": "ccf1fd8d-007a-4103-adae-28baef18ca53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36510", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpgvp5ddu2j", "content": "", "creation_timestamp": "2025-01-14T14:17:08.625665Z"}, {"uuid": "473dabbc-772c-40d0-85da-b49f6264cd04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3651", "type": "seen", "source": "https://gist.github.com/morecitricacid-coder/ec64f9313e2ced9b564171986dff5be5", "content": "", "creation_timestamp": "2026-02-27T08:45:57.000000Z"}, {"uuid": "5eb40d57-3ed9-4844-b8c5-dd8b77915746", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3651", "type": "seen", "source": "https://gist.github.com/Darkcrai86/43cb7575459ddae3fd84494950558e5a", "content": "", "creation_timestamp": "2025-09-23T15:00:33.000000Z"}, {"uuid": "9fdc9c3b-4b49-4d29-a01f-ea949940f30d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-3651", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "c21a91a5-7942-408a-a398-9590a5478849", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-3651", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0395/", "content": "", "creation_timestamp": "2026-04-02T17:00:00.000000Z"}, {"uuid": "9e1fac98-52e4-4255-a11a-dc874fc92080", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36512", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1607", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-36512\n\ud83d\udd39 Description: An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager, FortiAnalyzer 7.4.0 through 7.4.3 and 7.2.0 through 7.2.5 and 7.0.2 through 7.0.12 and 6.2.10 through 6.2.13 allows attacker to execute unauthorized code or commands via crafted HTTP or HTTPS requests.\n\ud83d\udccf Published: 2025-01-14T14:08:44.576Z\n\ud83d\udccf Modified: 2025-01-14T20:56:36.826Z\n\ud83d\udd17 References:\n1. https://fortiguard.fortinet.com/psirt/FG-IR-24-152", "creation_timestamp": "2025-01-14T21:10:20.000000Z"}, {"uuid": "99c6b582-1a40-471b-ae67-2339c4a48a65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36510", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1773", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-36510\n\ud83d\udd39 Description: An observable response discrepancy vulnerability [CWE-204] in FortiClientEMS 7.4.0, 7.2.0 through 7.2.4, 7.0 all versions, and FortiSOAR 7.5.0, 7.4.0 through 7.4.4, 7.3.0 through 7.3.2, 7.2 all versions, 7.0 all versions, 6.4 all versions may allow an unauthenticated attacker to enumerate valid users via observing login request responses.\n\ud83d\udccf Published: 2025-01-14T14:09:49.286Z\n\ud83d\udccf Modified: 2025-01-15T14:51:13.708Z\n\ud83d\udd17 References:\n1. https://fortiguard.fortinet.com/psirt/FG-IR-24-071", "creation_timestamp": "2025-01-15T15:11:05.000000Z"}, {"uuid": "8fc5962d-9266-4773-8106-94db2e75f216", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36514", "type": "seen", "source": "https://t.me/cvedetector/3992", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-36514 - Zohocorp ManageEngine ADAudit Plus SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-36514 \nPublished : Aug. 23, 2024, 2:15 p.m. | 42\u00a0minutes ago \nDescription : Zohocorp\u00a0ManageEngine\u00a0ADAudit Plus versions below\u00a08000 are vulnerable to the authenticated SQL injection in file summary option. \nSeverity: 8.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-23T17:07:59.000000Z"}, {"uuid": "1bb19817-bdd9-4f51-bca6-7e7d6f3f3ef2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36517", "type": "seen", "source": "https://t.me/cvedetector/3991", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-36517 - Zohocorp ManageEngine ADAudit Plus SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-36517 \nPublished : Aug. 23, 2024, 2:15 p.m. | 42\u00a0minutes ago \nDescription : Zohocorp\u00a0ManageEngine\u00a0ADAudit Plus versions below\u00a08000 are vulnerable to the authenticated SQL injection in alerts module. \nSeverity: 8.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-23T17:07:58.000000Z"}, {"uuid": "fd0f16da-fdd4-4b32-8a75-dfbfac8533b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36516", "type": "seen", "source": "https://t.me/cvedetector/3990", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-36516 - Zohocorp\u00a0ManageEngine\u00a0ADAudit Plus versions below\", \n  \"Content\": \"CVE ID : CVE-2024-36516 \nPublished : Aug. 23, 2024, 2:15 p.m. | 42\u00a0minutes ago \nDescription : Zohocorp\u00a0ManageEngine\u00a0ADAudit Plus versions below\u00a08000 are vulnerable to the authenticated SQL injection in dashboard.  \nNote: This vulnerability is different from another vulnerability (CVE-2024-36515), both of which have affected ADAudit Plus' dashboard. \nSeverity: 8.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-23T17:07:57.000000Z"}, {"uuid": "173a6189-ca3b-4613-a3ad-6035ff9198da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36515", "type": "seen", "source": "https://t.me/cvedetector/3990", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-36516 - Zohocorp\u00a0ManageEngine\u00a0ADAudit Plus versions below\", \n  \"Content\": \"CVE ID : CVE-2024-36516 \nPublished : Aug. 23, 2024, 2:15 p.m. | 42\u00a0minutes ago \nDescription : Zohocorp\u00a0ManageEngine\u00a0ADAudit Plus versions below\u00a08000 are vulnerable to the authenticated SQL injection in dashboard.  \nNote: This vulnerability is different from another vulnerability (CVE-2024-36515), both of which have affected ADAudit Plus' dashboard. \nSeverity: 8.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-23T17:07:57.000000Z"}, {"uuid": "b431af9d-a377-4674-bf04-da3eaf84a967", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36516", "type": "seen", "source": "https://t.me/cvedetector/3989", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-36515 - Zohocorp ManageEngine ADAudit Plus SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-36515 \nPublished : Aug. 23, 2024, 2:15 p.m. | 42\u00a0minutes ago \nDescription : Zohocorp\u00a0ManageEngine\u00a0ADAudit Plus versions below\u00a08000 are vulnerable to the authenticated SQL injection in dashboard.  \nNote: This vulnerability is different from another vulnerability (CVE-2024-36516), both of which have affected ADAudit Plus' dashboard. \nSeverity: 8.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-23T17:07:56.000000Z"}, {"uuid": "b5e94f61-1413-45a6-a63d-a373c3aeee2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36515", "type": "seen", "source": "https://t.me/cvedetector/3989", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-36515 - Zohocorp ManageEngine ADAudit Plus SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-36515 \nPublished : Aug. 23, 2024, 2:15 p.m. | 42\u00a0minutes ago \nDescription : Zohocorp\u00a0ManageEngine\u00a0ADAudit Plus versions below\u00a08000 are vulnerable to the authenticated SQL injection in dashboard.  \nNote: This vulnerability is different from another vulnerability (CVE-2024-36516), both of which have affected ADAudit Plus' dashboard. \nSeverity: 8.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-23T17:07:56.000000Z"}, {"uuid": "4c60bad9-abd1-4b97-8d49-b1dc9c91035c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3651", "type": "seen", "source": "https://t.me/cvedetector/165", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-3651 - A vulnerability was identified in the kjd/idna lib\", \n  \"Content\": \"CVE ID : CVE-2024-3651 \nPublished : July 7, 2024, 6:15 p.m. | 33\u00a0minutes ago \nDescription : A vulnerability was identified in the kjd/idna library, specifically within the `idna.encode()` function, affecting version 3.6. The issue arises from the function's handling of crafted input strings, which can lead to quadratic complexity and consequently, a denial of service condition. This vulnerability is triggered by a crafted input that causes the `idna.encode()` function to process the input with considerable computational load, significantly increasing the processing time in a quadratic manner relative to the input size. \nSeverity: 6.2 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-07T20:56:29.000000Z"}, {"uuid": "33ec97b4-6a47-43d2-a74f-f3631cc2fbf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36511", "type": "seen", "source": "https://t.me/cvedetector/5247", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-36511 - FortiADC Cookie Security Policy Validation Bypass Remote Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-36511 \nPublished : Sept. 10, 2024, 3:15 p.m. | 45\u00a0minutes ago \nDescription : An improperly implemented security check for standard vulnerability [CWE-358] in FortiADC Web Application Firewall (WAF) 7.4.0 through 7.4.4, 7.2 all versions, 7.1 all versions, 7.0 all versions, 6.2 all versions, 6.1 all versions, 6.0 all versions when cookie security policy is enabled may allow an attacker, under specific conditions, to retrieve the initial encrypted and signed cookie protected by the feature \nSeverity: 3.7 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-10T18:25:16.000000Z"}]}