{"vulnerability": "CVE-2024-4058", "sightings": [{"uuid": "a9a8827d-3e72-43ee-8986-04a03b7c6224", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-40582", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113623679448406024", "content": "", "creation_timestamp": "2024-12-09T15:55:57.973717Z"}, {"uuid": "0350fd90-c52c-44a9-9cba-0a3e8b7f0f61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-40583", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113623679448406024", "content": "", "creation_timestamp": "2024-12-09T15:55:58.023034Z"}, {"uuid": "e0c2aea0-d085-4897-a1ba-cb6b643f669a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-40583", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113623679462789687", "content": "", "creation_timestamp": "2024-12-09T15:55:59.430367Z"}, {"uuid": "d8d07811-958c-40ef-a9ca-327d3b1e170a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-40582", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113623679462789687", "content": "", "creation_timestamp": "2024-12-09T15:55:59.475727Z"}, {"uuid": "fbabd644-e412-4af9-ac93-cacdccbb599f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40587", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113827414210516561", "content": "", "creation_timestamp": "2025-01-14T15:28:24.016046Z"}, {"uuid": "aa3af9f6-d07c-4af6-b4a8-14d26018abbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40587", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpgvtw6np2n", "content": "", "creation_timestamp": "2025-01-14T14:17:13.454366Z"}, {"uuid": "b459ca04-487c-4c89-bf3b-2d290c162d9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40587", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1625", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-40587\n\ud83d\udd39 Description: An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiVoice version 7.0.0 through 7.0.4 and before 6.4.9 allows an authenticated privileged attacker to execute unauthorized code or commands via crafted CLI requests.\n\ud83d\udccf Published: 2025-01-14T14:09:40.739Z\n\ud83d\udccf Modified: 2025-01-14T20:54:17.369Z\n\ud83d\udd17 References:\n1. https://fortiguard.fortinet.com/psirt/FG-IR-24-304", "creation_timestamp": "2025-01-14T21:12:09.000000Z"}, {"uuid": "6e826774-0495-4938-8ff6-1d752263e7d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40584", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113986226684431983", "content": "", "creation_timestamp": "2025-02-11T16:36:29.734935Z"}, {"uuid": "1736a7be-ca09-4f1f-8e3a-f436c2f1a071", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40586", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113986226698718423", "content": "", "creation_timestamp": "2025-02-11T16:36:29.848903Z"}, {"uuid": "c2972ea8-4e7f-45c6-babc-a310369b3c5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40584", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhw5y63pwd2s", "content": "", "creation_timestamp": "2025-02-11T17:16:28.985454Z"}, {"uuid": "102e7b4b-93a9-405d-b20c-bae3206202de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40586", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhw5yb6lwl2x", "content": "", "creation_timestamp": "2025-02-11T17:16:32.265784Z"}, {"uuid": "e27c2e5f-fd22-4fb7-bfb5-0d6598ae1324", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40586", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113986497919466758", "content": "", "creation_timestamp": "2025-02-11T17:45:28.888006Z"}, {"uuid": "57dbe677-f81f-4a8a-a14a-49d038555184", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40585", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113986497919466758", "content": "", "creation_timestamp": "2025-02-11T17:45:28.942695Z"}, {"uuid": "116b9c04-daaa-4c98-9352-b89486a850bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40584", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113986497919466758", "content": "", "creation_timestamp": "2025-02-11T17:45:29.216683Z"}, {"uuid": "478776b2-013d-482a-b16d-9cdc96978dcf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40584", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhwbkap75422", "content": "", "creation_timestamp": "2025-02-11T18:20:17.581600Z"}, {"uuid": "3adcf702-1a0e-48f1-be5a-231669dce179", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40586", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhwbkasxiu2n", "content": "", "creation_timestamp": "2025-02-11T18:20:18.123659Z"}, {"uuid": "4eace6ca-5d39-4e31-8a55-c061359ad2a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40585", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114162103566286961", "content": "", "creation_timestamp": "2025-03-14T18:04:18.026793Z"}, {"uuid": "20159a03-3a4a-4e48-8adc-cac247c8d3aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40586", "type": "seen", "source": "https://t.me/cvedetector/17730", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40586 - FortiClient Improper Access Control Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-40586 \nPublished : Feb. 11, 2025, 5:15 p.m. | 58\u00a0minutes ago \nDescription : An\u00a0Improper Access Control vulnerability [CWE-284] in FortiClient Windows version 7.4.0, version 7.2.6 and below, version 7.0.13 and below may allow a local user to escalate his privileges via\u00a0FortiSSLVPNd service pipe. \nSeverity: 6.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-11T19:53:03.000000Z"}, {"uuid": "9e68640d-f843-44f6-96a9-fc7407fa1e9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40584", "type": "seen", "source": "https://t.me/cvedetector/17729", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40584 - Fortinet FortiAnalyzer/FortiManager/FortiAnalyzer BigData/FortiAnalyzer Cloud/FortiManager Cloud OS Command Injection\", \n  \"Content\": \"CVE ID : CVE-2024-40584 \nPublished : Feb. 11, 2025, 5:15 p.m. | 58\u00a0minutes ago \nDescription : An improper neutralization of special elements used in an OS command ('OS Command Injection') vulnerability [CWE-78] in Fortinet FortiAnalyzer version 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.15 and 6.2.2 through 6.2.13, Fortinet FortiManager version 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.13, 6.4.0 through 6.4.15 and 6.2.2 through 6.2.13, Fortinet FortiAnalyzer BigData version 7.4.0, 7.2.0 through 7.2.7, 7.0.1 through 7.0.6, 6.4.5 through 6.4.7 and 6.2.5, Fortinet FortiAnalyzer Cloud version 7.4.1 through 7.4.3, 7.2.1 through 7.2.5, 7.0.1 through 7.0.13 and 6.4.1 through 6.4.7 and Fortinet FortiManager Cloud version 7.4.1 through 7.4.3, 7.2.1 through 7.2.5, 7.0.1 through 7.0.13 and 6.4.1 through 6.4.7 GUI allows an authenticated privileged attacker to execute unauthorized code or commands via crafted HTTPS or HTTP requests. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-11T19:53:02.000000Z"}, {"uuid": "ebe2e817-10d4-4ca8-a4fb-16c83063c091", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40585", "type": "seen", "source": "https://t.me/cvedetector/20322", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40585 - FortiManager/FortiAnalyzer Log Injection Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-40585 \nPublished : March 14, 2025, 4:15 p.m. | 1\u00a0hour, 19\u00a0minutes ago \nDescription : An insertion of sensitive information into log file vulnerabilities [CWE-532] in FortiManager version 7.4.0, version 7.2.3 and below, version 7.0.8 and below, version 6.4.12 and below, version 6.2.11 and below and FortiAnalyzer version 7.4.0, version 7.2.3 and below, version 7.0.8 and below, version 6.4.12 and below, version 6.2.11 and below eventlog may allow any low privileged user with access to event log section to retrieve certificate private key and encrypted password logged as system log. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-14T19:13:20.000000Z"}, {"uuid": "c50afc82-3454-4b61-858c-09aa00ff22c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4058", "type": "seen", "source": "https://t.me/xakep_ru/15748", "content": "\u0412 Chrome \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0437\u0430 \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u044b \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0438 16 000 \u0434\u043e\u043b\u043b\u0430\u0440\u043e\u0432\n\n\u041d\u0430 \u044d\u0442\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 Google \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043b\u044f Chrome 124, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442 \u0447\u0435\u0442\u044b\u0440\u0435 \u0441\u0440\u0430\u0437\u0443 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 CVE-2024-4058 \u0432 ANGLE (Almost Native Graphics Layer Engine).\n\nhttps://xakep.ru/2024/04/26/angle-critical-bug/", "creation_timestamp": "2024-04-26T12:37:43.000000Z"}, {"uuid": "f9f071db-e443-436b-ac6d-a551a4aadc8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40582", "type": "seen", "source": "https://t.me/cvedetector/12412", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40582 - Pentaminds CuroVMS Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-40582 \nPublished : Dec. 9, 2024, 4:15 p.m. | 43\u00a0minutes ago \nDescription : Pentaminds CuroVMS v2.0.1 was discovered to contain exposed sensitive information. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T18:02:53.000000Z"}, {"uuid": "31214825-ce5b-49d0-afbe-1a601abc23c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4058", "type": "seen", "source": "https://t.me/information_security_channel/52038", "content": "Google Patches Critical Chrome Vulnerability\nhttps://www.securityweek.com/google-patches-critical-chrome-vulnerability/\n\nGoogle patches CVE-2024-4058, a critical Chrome vulnerability for which researchers earned a $16,000 reward.\u00a0\nThe post Google Patches Critical Chrome Vulnerability (https://www.securityweek.com/google-patches-critical-chrome-vulnerability/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2024-04-24T16:10:53.000000Z"}, {"uuid": "b135b317-b92e-412b-8e3f-552f6c509ec0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40583", "type": "seen", "source": "https://t.me/cvedetector/12411", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40583 - Pentaminds CuroVMS Exposed Credentials Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-40583 \nPublished : Dec. 9, 2024, 4:15 p.m. | 43\u00a0minutes ago \nDescription : Pentaminds CuroVMS v2.0.1 was discovered to contain exposed credentials. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T18:02:52.000000Z"}, {"uuid": "095c8595-97b8-46c0-9bab-2ddb2c59707d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40585", "type": "seen", "source": "Telegram/8lnH4SAKcJljNLo4qBVehFRbGjpB-8sFSyZCEFzGNm2VGGg", "content": "", "creation_timestamp": "2025-02-11T18:36:20.000000Z"}, {"uuid": "53990727-c1eb-436d-a302-cdf175ab3f4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4058", "type": "seen", "source": "https://t.me/ctinow/216247", "content": "https://ift.tt/afIyc2h\nGoogle fixed critical Chrome vulnerability CVE-2024-4058", "creation_timestamp": "2024-04-25T10:36:34.000000Z"}]}