{"vulnerability": "CVE-2024-4216", "sightings": [{"uuid": "9a6dad02-797d-4b7c-98ee-14946705f362", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42168", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfgqkujr7425", "content": "", "creation_timestamp": "2025-01-11T03:16:04.769743Z"}, {"uuid": "fafce622-f0dc-417e-bb21-4c4b75e4ba86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42169", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfgqkwtqst2d", "content": "", "creation_timestamp": "2025-01-11T03:16:07.520677Z"}, {"uuid": "fa26fccf-cad2-4eae-ae5b-cb6ab8a4b7ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42168", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113807676554369854", "content": "", "creation_timestamp": "2025-01-11T03:48:50.998985Z"}, {"uuid": "d4ec5317-793d-4ba2-9081-de5cab30dd53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42168", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfgta3zdha2g", "content": "", "creation_timestamp": "2025-01-11T04:03:45.160426Z"}, {"uuid": "7ff7a179-1f23-4281-a916-73278190525e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42168", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfgta4rpxx2k", "content": "", "creation_timestamp": "2025-01-11T04:03:49.092738Z"}, {"uuid": "6b5d84d3-3c8d-451d-b03b-3fa9c8067d6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42169", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113807478229437450", "content": "", "creation_timestamp": "2025-01-11T02:58:24.634721Z"}, {"uuid": "14a18e76-e38c-47a8-af09-db2def2702ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42168", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113807478214183739", "content": "", "creation_timestamp": "2025-01-11T02:58:24.470349Z"}, {"uuid": "e2cd9c0f-b6cb-4c4a-a9af-960b6382246c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42161", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-072-03", "content": "", "creation_timestamp": "2025-03-13T11:00:00.000000Z"}, {"uuid": "15c8dcb6-cd3b-46aa-b1be-1b3dab62606e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42161", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "f47ac779-8c88-4730-8497-e15570c43ad7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-42160", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "bbc170f3-64eb-4350-b618-53bde3a37e04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42169", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1257", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-42169\n\ud83d\udd39 Description: HCL MyXalytics is affected by insecure direct object references.  It occurs due to missing access control checks, which fail to verify whether a user should be allowed to access specific data.\n\ud83d\udccf Published: 2025-01-11T02:31:22.611Z\n\ud83d\udccf Modified: 2025-01-11T02:31:22.611Z\n\ud83d\udd17 References:\n1. https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0118149", "creation_timestamp": "2025-01-11T03:04:01.000000Z"}, {"uuid": "1f90fceb-0c1a-4035-b30a-c0c873b31ad0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4216", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4300", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-4216\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2024-05-02T18:15:07.757\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://github.com/pgadmin-org/pgadmin4/issues/7282\n2. https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2YFVCB4HCXU3FQBZ5XTWJZWSZUDNCXE/\n3. https://github.com/pgadmin-org/pgadmin4/issues/7282\n4. https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/T2YFVCB4HCXU3FQBZ5XTWJZWSZUDNCXE/", "creation_timestamp": "2025-02-13T19:10:37.000000Z"}, {"uuid": "6831fbc9-8b45-4d79-b213-756dc322f75a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42168", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1258", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-42168\n\ud83d\udd39 Description: HCL MyXalytics is affected by out-of-band resource load (HTTP) vulnerability.  An attacker can deploy a web server that returns malicious content, and then induce the application to retrieve and process that content.\n\ud83d\udccf Published: 2025-01-11T02:24:38.352Z\n\ud83d\udccf Modified: 2025-01-11T02:24:38.352Z\n\ud83d\udd17 References:\n1. https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0118149", "creation_timestamp": "2025-01-11T03:04:04.000000Z"}, {"uuid": "4aadbb05-2b7b-464b-be87-60c80a1c8731", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4216", "type": "seen", "source": "https://t.me/HackingInsights/89", "content": "\u200aCVE-2024-4215 & CVE-2024-4216: Security Flaws Patched in Popular PostgreSQL Tool pgAdmin\n\nhttps://securityonline.info/cve-2024-4215-cve-2024-4216-security-flaws-patched-in-popular-postgresql-tool-pgadmin/", "creation_timestamp": "2024-05-06T13:34:11.000000Z"}, {"uuid": "eed442f6-1e6a-45d5-b65a-0208d10c34d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42169", "type": "seen", "source": "https://t.me/cvedetector/15030", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42169 - HCL MyXalytics Insecure Direct Object Reference\", \n  \"Content\": \"CVE ID : CVE-2024-42169 \nPublished : Jan. 11, 2025, 3:15 a.m. | 28\u00a0minutes ago \nDescription : HCL MyXalytics is affected by insecure direct object references.  It occurs due to missing access control checks, which fail to verify whether a user should be allowed to access specific data. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-11T04:53:26.000000Z"}, {"uuid": "6c5ae4ac-0e67-42df-9ce6-b060fb09a462", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42168", "type": "seen", "source": "https://t.me/cvedetector/15029", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42168 - HCL MyXalytics HTTP Request Hijacking Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42168 \nPublished : Jan. 11, 2025, 3:15 a.m. | 28\u00a0minutes ago \nDescription : HCL MyXalytics is affected by out-of-band resource load (HTTP) vulnerability.  An attacker can deploy a web server that returns malicious content, and then induce the application to retrieve and process that content. \nSeverity: 8.9 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-11T04:53:22.000000Z"}, {"uuid": "3cb3b382-d752-452e-8235-d4e7bb27eff1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42160", "type": "seen", "source": "https://t.me/cvedetector/2011", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42160 - Linux F2FS Fault Attribute Validation Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2024-42160 \nPublished : July 30, 2024, 8:15 a.m. | 20\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nf2fs: check validation of fault attrs in f2fs_build_fault_attr()  \n  \n- It missed to check validation of fault attrs in parse_options(),  \nlet's fix to add check condition in f2fs_build_fault_attr().  \n- Use f2fs_build_fault_attr() in __sbi_store() to clean up code. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-30T10:43:28.000000Z"}, {"uuid": "638cf202-1024-4ebb-be6f-96ae1a0e7cf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42162", "type": "seen", "source": "https://t.me/cvedetector/2009", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42162 - Linux Kernel gve Invalid Access\", \n  \"Content\": \"CVE ID : CVE-2024-42162 \nPublished : July 30, 2024, 8:15 a.m. | 20\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \ngve: Account for stopped queues when reading NIC stats  \n  \nWe now account for the fact that the NIC might send us stats for a  \nsubset of queues. Without this change, gve_get_ethtool_stats might make  \nan invalid access on the priv->stats_report->stats array. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-30T10:43:26.000000Z"}, {"uuid": "885cd328-fe79-4209-a972-7c06cecd1436", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42161", "type": "seen", "source": "https://t.me/cvedetector/2016", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42161 - Linux kernel BPF uninitialized value vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42161 \nPublished : July 30, 2024, 8:15 a.m. | 20\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nbpf: Avoid uninitialized value in BPF_CORE_READ_BITFIELD  \n  \n[Changes from V1:  \n - Use a default branch in the switch statement to initialize `val'.]  \n  \nGCC warns that `val' may be used uninitialized in the  \nBPF_CRE_READ_BITFIELD macro, defined in bpf_core_read.h as:  \n  \n [...]  \n unsigned long long val;            \\  \n [...]              \\  \n switch (__CORE_RELO(s, field, BYTE_SIZE)) {         \\  \n case 1: val = *(const unsigned char *)p; break;         \\  \n case 2: val = *(const unsigned short *)p; break;        \\  \n case 4: val = *(const unsigned int *)p; break;         \\  \n case 8: val = *(const unsigned long long *)p; break;        \\  \n        }                    \\  \n [...]  \n val;              \\  \n }              \\  \n  \nThis patch adds a default entry in the switch statement that sets  \n`val' to zero in order to avoid the warning, and random values to be  \nused in case __builtin_preserve_field_info returns unexpected values  \nfor BPF_FIELD_BYTE_SIZE.  \n  \nTested in bpf-next master.  \nNo regressions. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-30T10:43:35.000000Z"}]}