{"vulnerability": "CVE-2024-4202", "sightings": [{"uuid": "b3a6a595-fafa-488d-82d8-29b841e22a7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42027", "type": "seen", "source": "https://t.me/cvedetector/7215", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42027 - Rocket.Chat Mobile End-to-End Encryption Password Weakness\", \n  \"Content\": \"CVE ID : CVE-2024-42027 \nPublished : Oct. 7, 2024, 1:15 p.m. | 32\u00a0minutes ago \nDescription : The E2EE password entropy generated by Rocket.Chat Mobile prior to version 4.5.1 is insufficient, allowing attackers to crack it if they have the appropriate time and resources. \nSeverity: 6.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-07T15:57:39.000000Z"}, {"uuid": "67169b42-711a-470c-8aa2-c0a3a63b10b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42028", "type": "seen", "source": "https://t.me/cvedetector/9138", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42028 - \"UniFi Network Server Local Privilege Escalation\"\", \n  \"Content\": \"CVE ID : CVE-2024-42028 \nPublished : Oct. 28, 2024, 4:15 p.m. | 34\u00a0minutes ago \nDescription : A Local privilege escalation vulnerability found in a Self-Hosted UniFi Network Server with UniFi Network Application (Version 8.4.62 and earlier) allows a malicious actor with a local operational system user to execute high privilege actions on UniFi Network Server. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-28T17:50:18.000000Z"}, {"uuid": "47613673-c000-4491-bb55-9afffee0ac86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "cve-2024-42024", "type": "seen", "source": "https://vulnerability.circl.lu/comment/4e36fb63-ef06-4e9d-8f57-7b76aebf7bde", "content": "", "creation_timestamp": "2024-09-09T20:48:43.060182Z"}, {"uuid": "e1576776-0ca7-4521-80f7-5401a4f77ed6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42024", "type": "seen", "source": "https://t.me/HackingInsights/12473", "content": "\u200aCritical Flaws in Veeam ONE Expose Systems to RCE (CVE-2024-42024) and Credential Theft (CVE-2024-42019)\n\nhttps://securityonline.info/critical-flaws-in-veeam-one-expose-systems-to-rce-cve-2024-42024-and-credential-theft-cve-2024-42019/", "creation_timestamp": "2024-09-08T17:48:02.000000Z"}, {"uuid": "0de6755b-10ac-41b8-9ed9-86029085c014", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42024", "type": "seen", "source": "Telegram/2paEDeP02FonhasdWZ5DOTlSfP9HXbNaBwWkCheKZVeaUA", "content": "", "creation_timestamp": "2024-09-05T22:40:17.000000Z"}, {"uuid": "cf4e4889-73c8-45c7-8011-e78e0c1df57e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42025", "type": "seen", "source": "https://t.me/cvedetector/5619", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42025 - \"UniFi Command Injection Privilege Escalation\"\", \n  \"Content\": \"CVE ID : CVE-2024-42025 \nPublished : Sept. 13, 2024, 4:15 p.m. | 29\u00a0minutes ago \nDescription : A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi Network Application (Version 8.3.32 and earlier) allows a malicious actor with unifi user shell access to escalate privileges to root on the host device. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-13T18:48:13.000000Z"}, {"uuid": "cb5b1656-cd44-43ac-9e22-7e50ac1234ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42024", "type": "seen", "source": "https://t.me/cvedetector/5041", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42024 - Veeam ONE Agent Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42024 \nPublished : Sept. 7, 2024, 5:15 p.m. | 41\u00a0minutes ago \nDescription : A vulnerability that allows an attacker in possession of the Veeam ONE Agent service account credentials to perform remote code execution on the machine where the Veeam ONE Agent is installed. \nSeverity: 9.1 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-07T20:10:49.000000Z"}, {"uuid": "c12c5787-40b1-4da4-a99f-1417734a1046", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42020", "type": "seen", "source": "https://t.me/cvedetector/5040", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42020 - Apache Airship XSS Injection\", \n  \"Content\": \"CVE ID : CVE-2024-42020 \nPublished : Sept. 7, 2024, 5:15 p.m. | 41\u00a0minutes ago \nDescription : A Cross-site-scripting (XSS) vulnerability exists in the Reporter Widgets that allows HTML injection. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-07T20:10:48.000000Z"}, {"uuid": "b8b42d14-7606-4492-aa9a-7856981f7567", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42022", "type": "seen", "source": "https://t.me/cvedetector/5039", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42022 - Cloud vbox Incorrect Permission Assignment Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42022 \nPublished : Sept. 7, 2024, 5:15 p.m. | 41\u00a0minutes ago \nDescription : An incorrect permission assignment vulnerability allows an attacker to modify product configuration files. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-07T20:10:48.000000Z"}, {"uuid": "32c98257-0c45-46b0-81dd-6ada918473b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42023", "type": "seen", "source": "https://t.me/cvedetector/5038", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42023 - Cloud bathroom Exploitables Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2024-42023 \nPublished : Sept. 7, 2024, 5:15 p.m. | 41\u00a0minutes ago \nDescription : An improper access control vulnerability allows low-privileged users to execute code with Administrator privileges remotely. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-07T20:10:47.000000Z"}, {"uuid": "613eef35-1d9e-43df-aedf-04371b50e45b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42021", "type": "seen", "source": "https://t.me/cvedetector/5037", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42021 - Microsoft Office Saved Credentials Access Control Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-42021 \nPublished : Sept. 7, 2024, 5:15 p.m. | 41\u00a0minutes ago \nDescription : An improper access control vulnerability allows an attacker with valid access tokens to access saved credentials. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-07T20:10:46.000000Z"}, {"uuid": "90188a09-7057-4bf8-955c-10ff2a4b49dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42029", "type": "seen", "source": "https://t.me/cvedetector/1748", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42029 - xdg-desktop-portal-hyprland OS Command Injection\", \n  \"Content\": \"CVE ID : CVE-2024-42029 \nPublished : July 27, 2024, 4:15 a.m. | 44\u00a0minutes ago \nDescription : xdg-desktop-portal-hyprland (aka an XDG Desktop Portal backend for Hyprland) before 1.3.3 allows OS command execution, e.g., because single quotes are not used when sending a list of app IDs and titles via the environment. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-27T07:25:38.000000Z"}, {"uuid": "892b605e-f6b0-4ae6-89ee-fd84e7139fd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42024", "type": "seen", "source": "https://t.me/tengkorakcybercrewz/3973", "content": "The Hacker News\nVeeam Releases Security Updates to Fix 18 Flaws, Including 5 Critical Issues\n\nVeeam has shipped security updates to address a total of 18 security flaws impacting its software products, including five critical vulnerabilities that could result in remote code execution.\nThe list of shortcomings is below -\n\nCVE-2024-40711 (CVSS score: 9.8) - A vulnerability in Veeam Backup &amp; Replication that allows unauthenticated remote code execution.\n\n\nCVE-2024-42024 (CVSS score: 9.1", "creation_timestamp": "2024-09-05T22:40:17.000000Z"}, {"uuid": "86bcaf6f-c25c-49f6-a9d0-7978eef6492a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42024", "type": "seen", "source": "Telegram/H0bymnaDZsjBJZbbufohqYE3SBtAIPDM1Sz-s9D2SdUOEA", "content": "", "creation_timestamp": "2024-09-06T00:26:00.000000Z"}, {"uuid": "4e31ea18-b9f6-45ce-b24d-c375a2865482", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42024", "type": "seen", "source": "https://t.me/KomunitiSiber/2520", "content": "Veeam Releases Security Updates to Fix 18 Flaws, Including 5 Critical Issues\nhttps://thehackernews.com/2024/09/veeam-releases-security-updates-to-fix.html\n\nVeeam has shipped security updates to address a total of 18 security flaws impacting its software products, including five critical vulnerabilities that could result in remote code execution.\nThe list of shortcomings is below -\n\nCVE-2024-40711 (CVSS score: 9.8) - A vulnerability in Veeam Backup &amp; Replication that allows unauthenticated remote code execution.\n\n\nCVE-2024-42024 (CVSS score: 9.1", "creation_timestamp": "2024-09-06T04:50:52.000000Z"}]}