{"vulnerability": "CVE-2024-3714", "sightings": [{"uuid": "35274c95-8d24-4650-bb98-76562473e486", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-37144", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113626119972835824", "content": "", "creation_timestamp": "2024-12-10T02:16:37.201828Z"}, {"uuid": "3dc5fdef-f5fc-4d2e-9410-a43f779bc068", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-37143", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113626246378021364", "content": "", "creation_timestamp": "2024-12-10T02:48:45.973920Z"}, {"uuid": "10cf175f-d7c1-4c50-915b-d3dec7b251d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-37143", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/113627305363468532", "content": "", "creation_timestamp": "2024-12-10T07:18:04.647728Z"}, {"uuid": "7efbb33d-2c6f-42a2-9165-5c594e597d7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-37143", "type": "seen", "source": "https://infosec.exchange/users/dragonjar/statuses/113645169879560898", "content": "", "creation_timestamp": "2024-12-13T11:01:21.178573Z"}, {"uuid": "2bd09e33-8142-420b-b7ad-89845011217d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-37142", "type": "seen", "source": "https://t.me/cvedetector/2125", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-37142 - Dell Peripheral Manager DLL Hijacking Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-37142 \nPublished : July 31, 2024, 9:15 a.m. | 28\u00a0minutes ago \nDescription : Dell Peripheral Manager, versions prior to 1.7.6, contain an uncontrolled search path element vulnerability. An attacker could potentially exploit this vulnerability through preloading malicious DLL or symbolic link exploitation, leading to arbitrary code execution and escalation of privilege \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-31T11:49:09.000000Z"}, {"uuid": "5b535522-f3b0-4cbb-8a2f-b80172860154", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-37143", "type": "seen", "source": "https://t.me/CyberBulletin/1745", "content": "\u26a1\ufe0fDell Warns of Critical Flaws in Enterprise Products, Including CVE-2024-37143 (CVSS 10).\n\n#CyberBulletin", "creation_timestamp": "2024-12-13T12:46:35.000000Z"}, {"uuid": "b6bc6631-e014-4740-a7fe-d1345d3a9261", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-37143", "type": "seen", "source": "https://t.me/cvedetector/12478", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-37143 - Dell PowerFlex Improper Link Resolution Before File Access RCE\", \n  \"Content\": \"CVE ID : CVE-2024-37143 \nPublished : Dec. 10, 2024, 3:15 a.m. | 40\u00a0minutes ago \nDescription : Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versions prior to RCM 3.8.1.0 (for RCM 3.8.x train) and prior to RCM 3.7.6.0 (for RCM 3.7.x train), Dell PowerFlex custom node using PowerFlex Manager versions prior to 4.6.1.0, Dell InsightIQ versions prior to 5.1.1, and Dell Data Lakehouse versions prior to 1.2.0.0 contain an Improper Link Resolution Before File Access vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability to execute arbitrary code on the system. \nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-10T04:56:03.000000Z"}, {"uuid": "b0f7f04b-38af-4aea-b491-1616b807ba28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-37144", "type": "seen", "source": "https://t.me/cvedetector/12477", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-37144 - Dell PowerFlex Insecure Storage of Sensitive Information Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-37144 \nPublished : Dec. 10, 2024, 3:15 a.m. | 40\u00a0minutes ago \nDescription : Dell PowerFlex appliance versions prior to IC 46.381.00 and IC 46.376.00, Dell PowerFlex rack versions prior to RCM 3.8.1.0 (for RCM 3.8.x train) and prior to RCM 3.7.6.0 (for RCM 3.7.x train), Dell PowerFlex custom node using PowerFlex Manager versions prior to 4.6.1.0, Dell InsightIQ versions prior to 5.1.1, and Dell Data Lakehouse versions prior to 1.2.0.0 contain an Insecure Storage of Sensitive Information vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to information disclosure. The attacker may be able to use information disclosed to gain unauthorized access to pods within the cluster. \nSeverity: 8.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-10T04:56:03.000000Z"}, {"uuid": "33cb2517-0dd5-424b-9255-874fdfcd75e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-37149", "type": "seen", "source": "https://t.me/cvedetector/587", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-37149 - GLPI is an open-source asset and IT management sof\", \n  \"Content\": \"CVE ID : CVE-2024-37149 \nPublished : July 10, 2024, 8:15 p.m. | 17\u00a0minutes ago \nDescription : GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated technician user can upload a malicious PHP script and hijack the plugin loader to execute this malicious script. Upgrade to 10.0.16. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-10T22:39:29.000000Z"}, {"uuid": "9706177e-3108-4aa4-b4f4-b5f39d6397bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-37147", "type": "seen", "source": "https://t.me/cvedetector/581", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-37147 - GLPI is an open-source asset and IT management sof\", \n  \"Content\": \"CVE ID : CVE-2024-37147 \nPublished : July 10, 2024, 7:15 p.m. | 26\u00a0minutes ago \nDescription : GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated user can attach a document to any item, even if the user has no write access on it. Upgrade to 10.0.16. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-10T21:49:15.000000Z"}, {"uuid": "a583a0e0-cccf-4af3-8756-5f2c74c7ab01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-37148", "type": "seen", "source": "https://t.me/cvedetector/586", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-37148 - GLPI is an open-source asset and IT management sof\", \n  \"Content\": \"CVE ID : CVE-2024-37148 \nPublished : July 10, 2024, 8:15 p.m. | 17\u00a0minutes ago \nDescription : GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. An authenticated user can exploit a SQL injection vulnerability in some AJAX scripts to alter another user account data and take control of it. Upgrade to 10.0.16. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-10T22:39:28.000000Z"}, {"uuid": "095c3804-065e-45bc-8f58-e6a4e14a97ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-37143", "type": "seen", "source": "https://t.me/CyberBulletin/26776", "content": "\u26a1\ufe0fDell Warns of Critical Flaws in Enterprise Products, Including CVE-2024-37143 (CVSS 10).\n\n#CyberBulletin", "creation_timestamp": "2024-12-13T12:46:35.000000Z"}]}