{"vulnerability": "CVE-2024-4165", "sightings": [{"uuid": "edd35c6b-58bb-4c8a-a44e-0816837683c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4165", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/83", "content": "\ud83d\udccc **CVE ID**: GHSA-87r4-wg36-7x2v\n\ud83d\udd17 **Aliases**: CVE-2024-41765\n\ud83d\udd39 **Details**: IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system.\n\ud83d\udd22 **Severity**: CVSS_V3: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\n\ud83d\uddd3\ufe0f **Modified**: 2025-01-04T15:30:45Z\n\ud83d\uddd3\ufe0f **Published**: 2025-01-04T15:30:45Z\n\ud83c\udff7\ufe0f **CWE IDs**: CWE-22\n\ud83d\udd17 **References**:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-4165\n2. https://www.ibm.com/support/pages/node/180201", "creation_timestamp": "2025-01-05T01:35:59.000000Z"}, {"uuid": "5ebe8478-1aa0-478b-8221-d7d064e36ad1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41651", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8207", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-41651\nURL\uff1ahttps://github.com/Fckroun/CVE-2024-41651\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-08T17:30:12.000000Z"}, {"uuid": "8044de63-ace5-436b-aa6b-fb5a048698ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4165", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/105", "content": "\ud83d\udccc **CVE ID**: GHSA-87r4-wg36-7x2v\n\ud83d\udd17 **Aliases**: CVE-2024-41765\n\ud83d\udd39 **Details**: IBM Engineering Lifecycle Optimization - Publishing 7.0.2 and 7.0.3 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing \"dot dot\" sequences (/../) to view arbitrary files on the system.\n\ud83d\udd22 **Severity**: CVSS_V3: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N\n\ud83d\uddd3\ufe0f **Modified**: 2025-01-04T15:30:45Z\n\ud83d\uddd3\ufe0f **Published**: 2025-01-04T15:30:45Z\n\ud83c\udff7\ufe0f **CWE IDs**: CWE-22\n\ud83d\udd17 **References**:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-4165\n2. https://www.ibm.com/support/pages/node/180201", "creation_timestamp": "2025-01-05T01:38:45.000000Z"}, {"uuid": "98119891-8b35-4031-8a6b-1711b1c99692", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4165", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/61", "content": "\ud83d\udccc **CVE ID**: GHSA-87r4-wg36-7x2v\n\ud83d\udd17 **References**:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-4165\n2. https://www.ibm.com/support/pages/node/180201", "creation_timestamp": "2025-01-05T01:33:15.000000Z"}, {"uuid": "e3d07099-721b-4e24-95f6-fe448be86ded", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41659", "type": "seen", "source": "https://t.me/cvedetector/3684", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41659 - Memos CORS Misconfiguration Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-41659 \nPublished : Aug. 20, 2024, 8:15 p.m. | 43\u00a0minutes ago \nDescription : memos is a privacy-first, lightweight note-taking service. A CORS misconfiguration exists in memos 0.20.1 and earlier where an arbitrary origin is reflected with Access-Control-Allow-Credentials set to true. This may allow an attacking website to make a cross-origin request, allowing the attacker to read private information or make privileged changes to the system as the vulnerable user account. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-20T22:59:29.000000Z"}, {"uuid": "22834e03-941c-4f56-8cc1-104b15280917", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41650", "type": "seen", "source": "https://t.me/cvedetector/12281", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41650 - Insecure Permissions vulnerability in Open Robotic\", \n  \"Content\": \"CVE ID : CVE-2024-41650 \nPublished : Dec. 6, 2024, 10:15 p.m. | 42\u00a0minutes ago \nDescription : Insecure Permissions vulnerability in Open Robotics Robotic Operating System 2 ROS2 navigation2 v.humble allows an attacker to execute arbitrary code via a crafted script to the nav2_costmap_2d. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-06T23:59:37.000000Z"}, {"uuid": "5f3b6a9d-1bf5-47f4-a665-c358099fa5a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41657", "type": "seen", "source": "https://t.me/cvedetector/3691", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41657 - Casdoor CORS Filter Cross-Site Request Forgery (CSRF) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41657 \nPublished : Aug. 20, 2024, 9:15 p.m. | 31\u00a0minutes ago \nDescription : Casdoor is a UI-first Identity and Access Management (IAM) / Single-Sign-On (SSO) platform. In Casdoor 1.577.0 and earlier, a logic vulnerability exists in the beego filter CorsFilter that allows any website to make cross domain requests to Casdoor as the logged in user. Due to the a logic error in checking only for a prefix when authenticating the Origin header, any domain can create a valid subdomain with a valid subdomain prefix (Ex: localhost.example.com), allowing the website to make requests to Casdoor as the current signed-in user. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-20T23:49:43.000000Z"}, {"uuid": "8278b84f-1c2e-4ecd-836d-888f27a0f02f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41658", "type": "seen", "source": "https://t.me/cvedetector/3690", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41658 - Casdoor Wechat Pay Reflected Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-41658 \nPublished : Aug. 20, 2024, 9:15 p.m. | 31\u00a0minutes ago \nDescription : Casdoor is a UI-first Identity and Access Management (IAM) / Single-Sign-On (SSO) platform.  In Casdoor 1.577.0 and earlier, he purchase URL that is created to generate a WechatPay QR code is vulnerable to reflected XSS. When purchasing an item through casdoor, the product page allows you to pay via wechat pay. When using wechat pay, a QR code with the wechat pay link is displayed on the payment page, hosted on the domain of casdoor. This page takes a query parameter from the url successUrl, and redirects the user to that url after a successful purchase. Because the user has no reason to think that the payment page contains sensitive information, they may share it with other or can be social engineered into sending it to others. An attacker can then craft the casdoor link with a special url and send it back to the user, and once payment has gone though an XSS attack occurs. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-20T23:49:39.000000Z"}, {"uuid": "19c20de6-9210-4440-aa51-0782003b7b69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41651", "type": "seen", "source": "https://t.me/cvedetector/2876", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41651 - Prestashop Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41651 \nPublished : Aug. 12, 2024, 5:15 p.m. | 43\u00a0minutes ago \nDescription : An issue in Prestashop v.8.1.7 and before allows a remote attacker to execute arbitrary code via the module upgrade functionality. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-12T20:10:31.000000Z"}, {"uuid": "a12f6308-9a96-44a1-b77a-15a254952413", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41656", "type": "seen", "source": "https://t.me/cvedetector/1529", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41656 - Sentry Cross-Site Scripting XSS\", \n  \"Content\": \"CVE ID : CVE-2024-41656 \nPublished : July 23, 2024, 10:15 p.m. | 28\u00a0minutes ago \nDescription : Sentry is an error tracking and performance monitoring platform. Starting in version 10.0.0 and prior to version 24.7.1, an unsanitized payload sent by an Integration platform integration allows storing arbitrary HTML tags on the Sentry side with the subsequent rendering them on the Issues page. Self-hosted Sentry users may be impacted in case of untrustworthy Integration platform integrations sending external issues from their side to Sentry. A patch has been released in Sentry 24.7.1. For Sentry SaaS customers, no action is needed. This has been patched on July 23, and even prior to the fix, the exploitation was not possible due to the strict Content Security Policy deployed on sentry.io site. For self-hosted users, the maintainers of Sentry strongly recommend upgrading Sentry to the latest version. If it is not possible, one could enable CSP on one's self-hosted installation with `CSP_REPORT_ONLY = False` (enforcing mode). This will mitigate the risk of cross-site scripting. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-24T00:45:43.000000Z"}, {"uuid": "36c0a6f7-c536-4b30-96a5-893917e1fe8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41655", "type": "seen", "source": "https://t.me/cvedetector/1510", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41655 - TF2 Item Format Regular Expression Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2024-41655 \nPublished : July 23, 2024, 3:15 p.m. | 36\u00a0minutes ago \nDescription : TF2 Item Format helps users format TF2 items to the community standards. Versions of `tf2-item-format` since at least `4.2.6`  and prior to `5.9.14` are vulnerable to a Regular Expression Denial of Service (ReDoS) attack when parsing crafted user input. This vulnerability can be exploited by an attacker to perform DoS attacks on any service that uses any `tf2-item-format` to parse user input. Version `5.9.14` contains a fix for the issue. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-23T18:04:26.000000Z"}]}