{"vulnerability": "CVE-2024-4125", "sightings": [{"uuid": "ba1b6de9-8f7b-4f2d-8851-e5c26147d51b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41254", "type": "seen", "source": "https://t.me/cvedetector/2180", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41254 - Litestream SSH Host Key Verification Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41254 \nPublished : July 31, 2024, 9:15 p.m. | 45\u00a0minutes ago \nDescription : An issue was discovered in litestream v0.3.13. The usage of the ssh.InsecureIgnoreHostKey() disables host key verification, possibly allowing attackers to obtain sensitive information via a man-in-the-middle attack. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-01T00:22:01.000000Z"}, {"uuid": "4c750a97-3c5c-487c-a59a-769eb6da8ef7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41259", "type": "seen", "source": "https://t.me/cvedetector/2270", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41259 - Navidrome Gravatar Insecure Hashing Algorithm\", \n  \"Content\": \"CVE ID : CVE-2024-41259 \nPublished : Aug. 1, 2024, 9:15 p.m. | 26\u00a0minutes ago \nDescription : Use of insecure hashing algorithm in the Gravatar's service in Navidrome v0.52.3 allows attackers to manipulate a user's account information. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-01T23:47:20.000000Z"}, {"uuid": "de02af9b-5bfa-42b4-8174-117cf92577cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41250", "type": "seen", "source": "https://t.me/cvedetector/2720", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41250 - Kashipara Responsive School Management System Unauthenticated Access Control Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-41250 \nPublished : Aug. 7, 2024, 5:15 p.m. | 42\u00a0minutes ago \nDescription : An Incorrect Access Control vulnerability was found in /smsa/view_students.php in Kashipara Responsive School Management System v3.2.0, which allows remote unauthenticated attackers to view STUDENT details. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-07T20:19:48.000000Z"}, {"uuid": "9ddce4c4-5ab0-4608-a72d-5895becdb1b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41255", "type": "seen", "source": "https://t.me/cvedetector/2176", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41255 - Filestash FTPS Certificate Verification Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-41255 \nPublished : July 31, 2024, 9:15 p.m. | 45\u00a0minutes ago \nDescription : filestash v0.4 is configured to skip TLS certificate verification when using the FTPS protocol, possibly allowing attackers to execute a man-in-the-middle attack via the Init function of index.go. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-01T00:21:54.000000Z"}, {"uuid": "8b294c7d-d1ab-4629-97a2-8381c125eeed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41253", "type": "seen", "source": "https://t.me/cvedetector/2177", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41253 - Goframe Man-In-The-Middle Attack\", \n  \"Content\": \"CVE ID : CVE-2024-41253 \nPublished : July 31, 2024, 9:15 p.m. | 45\u00a0minutes ago \nDescription : goframe v2.7.2 is configured to skip TLS certificate verification, possibly allowing attackers to execute a man-in-the-middle attack via the gclient component. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-01T00:21:58.000000Z"}, {"uuid": "c1338c02-b44f-4174-bbbb-2f4129aa7c22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41256", "type": "seen", "source": "https://t.me/cvedetector/2175", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41256 - Filestash TLS Certificate Verification Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-41256 \nPublished : July 31, 2024, 9:15 p.m. | 45\u00a0minutes ago \nDescription : Default configurations in the ShareProofVerifier function of filestash v0.4 causes the application to skip the TLS certificate verification process when sending out email verification codes, possibly allowing attackers to access sensitive data via a man-in-the-middle attack. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-01T00:21:53.000000Z"}, {"uuid": "370ef4b3-ec01-4ba0-b0d6-397a5d4465ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41258", "type": "seen", "source": "https://t.me/cvedetector/2174", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41258 - Filestash SSH Insecure Host Key Verification Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41258 \nPublished : July 31, 2024, 9:15 p.m. | 45\u00a0minutes ago \nDescription : An issue was discovered in filestash v0.4. The usage of the ssh.InsecureIgnoreHostKey() disables host key verification, possibly allowing attackers to obtain sensitive information via a man-in-the-middle attack. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-01T00:21:52.000000Z"}]}