{"vulnerability": "CVE-2024-4234", "sightings": [{"uuid": "ed921b34-6574-40fc-bcc4-a0ca358335bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42344", "type": "seen", "source": "https://t.me/cvedetector/5212", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42344 - Siemens SINEMA Remote Connect Client Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42344 \nPublished : Sept. 10, 2024, 10:15 a.m. | 39\u00a0minutes ago \nDescription : A vulnerability has been identified in SINEMA Remote Connect Client (All versions Severity: 4.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-10T13:23:52.000000Z"}, {"uuid": "a6c41f09-022a-49cf-acda-b2270ae4d8ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42346", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9072", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-42346 \nURL\uff1ahttps://github.com/partywavesec/CVE-2024-42346\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-18T18:19:58.000000Z"}, {"uuid": "0cd9d043-e060-4c01-ac14-fde0daa05c62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42346", "type": "seen", "source": "https://t.me/cvedetector/6124", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42346 - Galaxy Editor Visualization JS Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42346 \nPublished : Sept. 20, 2024, 7:15 p.m. | 37\u00a0minutes ago \nDescription : Galaxy is a free, open-source system for analyzing data, authoring workflows, training and education, publishing tools, managing infrastructure, and more. The editor visualization, /visualizations endpoint, can be used to store HTML tags and trigger javascript execution upon edit operation. All supported branches of Galaxy (and more back to release_20.05) were amended with the supplied patches. Users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 7.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-20T22:15:46.000000Z"}, {"uuid": "730e8dd0-f9b4-4fac-a7f5-17796c2a4e59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42345", "type": "seen", "source": "https://t.me/cvedetector/5209", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42345 - SINEMA Remote Connect Server Authentication Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42345 \nPublished : Sept. 10, 2024, 10:15 a.m. | 39\u00a0minutes ago \nDescription : A vulnerability has been identified in SINEMA Remote Connect Server (All versions Severity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-10T13:23:50.000000Z"}, {"uuid": "e81d1db0-bbfe-4e17-8cfd-fa3d5d999349", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42341", "type": "seen", "source": "https://t.me/cvedetector/5081", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42341 - Loway Open Redirect\", \n  \"Content\": \"CVE ID : CVE-2024-42341 \nPublished : Sept. 8, 2024, 12:15 p.m. | 17\u00a0minutes ago \nDescription : Loway - CWE-601: URL Redirection to Untrusted Site ('Open Redirect') \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-08T14:33:57.000000Z"}, {"uuid": "88c4b729-9354-4410-94c8-ad21ab063a9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42342", "type": "seen", "source": "https://t.me/cvedetector/5080", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42342 - Loway HTTP Request Smuggling Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42342 \nPublished : Sept. 8, 2024, 12:15 p.m. | 17\u00a0minutes ago \nDescription : Loway -  CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-08T14:33:56.000000Z"}, {"uuid": "90f48380-6497-442b-816a-3626ff9c8bde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42343", "type": "seen", "source": "https://t.me/cvedetector/5079", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42343 - Loway - Vulnerable Session Manager\", \n  \"Content\": \"CVE ID : CVE-2024-42343 \nPublished : Sept. 8, 2024, 12:15 p.m. | 17\u00a0minutes ago \nDescription : Loway - CWE-204: Observable Response Discrepancy \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-08T20:42:31.000000Z"}, {"uuid": "9a61df54-7a05-4ec5-a0e1-d0118482cfc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42347", "type": "seen", "source": "https://t.me/cvedetector/2624", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42347 - Matrix React SDK End-to-End Encryption URL Preview Data Manipulation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42347 \nPublished : Aug. 6, 2024, 6:15 p.m. | 27\u00a0minutes ago \nDescription : matrix-react-sdk  is a react-based SDK for inserting a Matrix chat/voip client into a web page. A malicious homeserver could manipulate a user's account data to cause the client to enable URL previews in end-to-end encrypted rooms, in which case any URLs in encrypted messages would be sent to the server. This was patched in matrix-react-sdk 3.105.0. Deployments that trust their homeservers, as well as closed federations of trusted servers, are not affected. Users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 7.7 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-06T20:52:45.000000Z"}, {"uuid": "72287e3e-3222-4606-b371-0035131925b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42348", "type": "seen", "source": "https://t.me/cvedetector/2376", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42348 - FOG Server AD Credentials Exposure\", \n  \"Content\": \"CVE ID : CVE-2024-42348 \nPublished : Aug. 2, 2024, 8:17 p.m. | 35\u00a0minutes ago \nDescription : FOG is a cloning/imaging/rescue suite/inventory management system. FOG Server 1.5.10.41.2 can leak AD username and password when registering a computer.  This vulnerability is fixed in 1.5.10.41.3 and 1.6.0-beta.1395. \nSeverity: 9.3 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-02T23:13:03.000000Z"}, {"uuid": "5af62ee9-ebda-44d4-9ca9-3d3f1b57640d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42349", "type": "seen", "source": "https://t.me/cvedetector/2375", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42349 - FOG Server Unauthorized Login Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-42349 \nPublished : Aug. 2, 2024, 8:17 p.m. | 35\u00a0minutes ago \nDescription : FOG is a cloning/imaging/rescue suite/inventory management system. FOG Server 1.5.10.41.4 and earlier can leak authorized and rejected logins via logs stored directly on the root of the web server. FOG Server creates 2 logs on the root of the web server (fog_login_accepted.log and fog_login_failed.log), exposing the name of the user account used to manage FOG, the IP address of the computer used to login and the User-Agent. This vulnerability is fixed in 1.5.10.47. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-02T23:13:02.000000Z"}, {"uuid": "5bfa197f-d26c-4a20-bace-d1c3a4e6d333", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42340", "type": "seen", "source": "https://t.me/cvedetector/4086", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42340 - CyberArk Server-Side Security Enforcement Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42340 \nPublished : Aug. 25, 2024, 8:15 a.m. | 35\u00a0minutes ago \nDescription : CyberArk - CWE-602: Client-Side Enforcement of Server-Side Security \nSeverity: 8.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-25T10:56:51.000000Z"}]}