{"vulnerability": "CVE-2024-4235", "sightings": [{"uuid": "9fd55775-1f58-4d20-836c-9d81aed855b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42355", "type": "seen", "source": "https://t.me/cvedetector/2794", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42355 - Shopware Twig Tag Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-42355 \nPublished : Aug. 8, 2024, 3:15 p.m. | 35\u00a0minutes ago \nDescription : Shopware, an open ecommerce platform, has a new Twig Tag `sw_silent_feature_call` which silences deprecation messages while triggered in this tag. Prior to versions 6.6.5.1 and 6.5.8.13, it accepts as parameter a string the feature flag name to silence, but this parameter is not escaped properly and allows execution of code. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.2, 6.3,  and 6.4, corresponding security measures are also available via a plugin. \nSeverity: 8.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-08T18:04:31.000000Z"}, {"uuid": "ec5d1e1b-4437-4aef-a6a8-a0324598677a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42357", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12139", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27892\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Shopware prior to version 6.5.8.13 is affected by a SQL injection vulnerability in the /api/search/order endpoint. NOTE: this issue exists because of a CVE-2024-22406 and CVE-2024-42357 regression.\n\ud83d\udccf Published: 2025-04-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-16T18:32:23.303Z\n\ud83d\udd17 References:\n1. https://github.com/shopware/shopware/security/advisories/GHSA-8g35-7rmw-7f59\n2. https://www.redteam-pentesting.de/en/advisories/rt-sa-2025-001/", "creation_timestamp": "2025-04-16T18:56:18.000000Z"}, {"uuid": "c9b40f33-a2d9-4a61-935f-c9d002dce30b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42357", "type": "seen", "source": "https://t.me/cvedetector/23032", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27892 - Shopware SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-27892 \nPublished : April 15, 2025, 10:15 p.m. | 1\u00a0hour, 7\u00a0minutes ago \nDescription : Shopware prior to version 6.5.8.13 is affected by a SQL injection vulnerability in the /api/search/order endpoint. NOTE: this issue exists because of a CVE-2024-22406 and CVE-2024-42357 regression. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T01:49:06.000000Z"}, {"uuid": "cd46b0d4-b7b3-40d9-86f3-bd79708c2499", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42351", "type": "seen", "source": "https://t.me/cvedetector/6125", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42351 - Galaxy Data Tampering Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42351 \nPublished : Sept. 20, 2024, 7:15 p.m. | 37\u00a0minutes ago \nDescription : Galaxy is a free, open-source system for analyzing data, authoring workflows, training and education, publishing tools, managing infrastructure, and more. An attacker can potentially replace the contents of public datasets resulting in data loss or tampering. All supported branches of Galaxy (and more back to release_21.05) were amended with the below patch. Users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-20T22:15:50.000000Z"}, {"uuid": "baa37ad0-0207-48d1-867b-f9f12941b15b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42352", "type": "seen", "source": "https://t.me/cvedetector/2494", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42352 - Nuxt SSRF via Imperfect URL Parsing in nuxt/icon\", \n  \"Content\": \"CVE ID : CVE-2024-42352 \nPublished : Aug. 5, 2024, 9:15 p.m. | 40\u00a0minutes ago \nDescription : Nuxt is a free and open-source framework to create full-stack web applications and websites with Vue.js. `nuxt/icon` provides an API to allow client side icon lookup. This endpoint is at `/api/_nuxt_icon/[name]`. The proxied request path is improperly parsed, allowing an attacker to change the scheme and host of the request. This leads to SSRF, and could potentially lead to sensitive data exposure. The `new URL` constructor is used to parse the final path. This constructor can be passed a relative scheme or path in order to change the host the request is sent to. This constructor is also very tolerant of poorly formatted URLs. As a result we can pass a path prefixed with the string `http:`. This has the effect of changing the scheme to HTTP. We can then subsequently pass a new host, for example `http:127.0.0.1:8080`. This would allow us to send requests to a local server. This issue has been addressed in release version 1.4.5 and all users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 8.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-05T23:56:52.000000Z"}, {"uuid": "c3fc0282-4877-46fe-9478-29fe72e4c9ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42350", "type": "seen", "source": "https://t.me/cvedetector/2487", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42350 - Biscuit Third-Party Block Request Forgery Unauthorized Key Trusting\", \n  \"Content\": \"CVE ID : CVE-2024-42350 \nPublished : Aug. 5, 2024, 8:15 p.m. | 38\u00a0minutes ago \nDescription : Biscuit is an authorization token with decentralized verification, offline attenuation and strong security policy enforcement based on a logic language. Third-party blocks can be generated without transferring the whole token to the third-party authority. Instead, a `ThirdPartyBlock` request can be sent, providing only the necessary info to generate a third-party block and to sign it: 1. the public key of the previous block (used in the signature), 2. the public keys part of the token symbol table (for public key interning in datalog expressions). A third-part block request forged by a malicious user can trick the third-party authority into generating datalog trusting the wrong keypair. Tokens with third-party blocks containing `trusted` annotations generated through a third party block request. This has been addressed in version 4 of the specification. Users are advised to update their implementations to conform. There are no known workarounds for this vulnerability. \nSeverity: 3.0 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-05T23:06:41.000000Z"}, {"uuid": "e1b0d4ad-35fc-4b78-bcda-44911bed3788", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42358", "type": "seen", "source": "https://t.me/cvedetector/2622", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42358 - PDFio TTF Parser Denial of Service (DoS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42358 \nPublished : Aug. 6, 2024, 5:15 p.m. | 36\u00a0minutes ago \nDescription : PDFio is a simple C library for reading and writing PDF files. There is a denial of service (DOS) vulnerability in the TTF parser. Maliciously crafted TTF files can cause the program to utilize 100% of the Memory and enter an infinite loop. This can also lead to a heap-buffer-overflow vulnerability. An infinite loop occurs in the read_camp function by nGroups value. The ttf.h library is vulnerable. A value called nGroups is extracted from the file, and by changing that value, you can cause the program to utilize 100% of the Memory and enter an infinite loop. If the value of nGroups in the file is small, an infinite loop will not occur. This library, whether used as a standalone binary or as part of another application, is vulnerable to DOS attacks when parsing certain types of files. Automated systems, including web servers that use this code to convert PDF submissions into plaintext, can be DOSed if an attacker uploads a malicious TTF file. This issue has been addressed in release version 1.3.1. All users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 6.2 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-06T20:02:42.000000Z"}, {"uuid": "efde60f8-76eb-4b3c-a62b-7d456fb5ce0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42354", "type": "seen", "source": "https://t.me/cvedetector/2795", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42354 - Shopware Unvalidated ManyToMany Association Deserialization\", \n  \"Content\": \"CVE ID : CVE-2024-42354 \nPublished : Aug. 8, 2024, 3:15 p.m. | 35\u00a0minutes ago \nDescription : Shopware is an open commerce platform. The store-API works with regular entities and not expose all fields for the public API; fields need to be marked as ApiAware in the EntityDefinition. So only ApiAware fields of the EntityDefinition will be encoded to the final JSON. Prior to versions 6.6.5.1 and 6.5.8.13, the processing of the Criteria did not considered ManyToMany associations and so they were not considered properly and the protections didn't get used. This issue cannot be reproduced with the default entities by Shopware, but can be triggered with extensions. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.2, 6.3,  and 6.4, corresponding security measures are also available via a plugin. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-08T18:04:32.000000Z"}, {"uuid": "9abfa3b8-a061-4200-b792-125b3efd0255", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42356", "type": "seen", "source": "https://t.me/cvedetector/2793", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42356 - Shopware Twig Code Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42356 \nPublished : Aug. 8, 2024, 3:15 p.m. | 35\u00a0minutes ago \nDescription : Shopware is an open commerce platform. Prior to versions 6.6.5.1 and 6.5.8.13, the `context` variable is injected into almost any Twig Template and allows to access to current language, currency information. The context object allows also to switch for a short time the scope of the Context as a helper with a callable function. The function can be called also from Twig and as the second parameter allows any callable, it's possible to call from Twig any statically callable PHP function/method. It's not possible as customer to provide any Twig code, the attacker would require access to Administration to exploit it using Mail templates or using App Scripts. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.1, 6.2, 6.3 and 6.4 corresponding security measures are also available via a plugin. \nSeverity: 8.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-08T18:04:30.000000Z"}, {"uuid": "f1354b77-e6f7-49ea-b2fb-87ed0ae571d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42357", "type": "seen", "source": "https://t.me/cvedetector/2792", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42357 - Shopware SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42357 \nPublished : Aug. 8, 2024, 3:15 p.m. | 35\u00a0minutes ago \nDescription : Shopware is an open commerce platform. Prior to versions 6.6.5.1 and 6.5.8.13, the Shopware application API contains a search functionality which enables users to search through information stored within their Shopware instance. The searches performed by this function can be aggregated using the parameters in the `aggregations` object. The `name` field in this `aggregations` object is vulnerable SQL-injection and can be exploited using SQL parameters. Update to Shopware 6.6.5.1 or 6.5.8.13 to receive a patch. For older versions of 6.1, 6.2, 6.3, and 6.4, corresponding security measures are also available via a plugin. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-08T18:04:29.000000Z"}, {"uuid": "451edfe5-fa15-4f4b-b24e-84ebcce3f54e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42353", "type": "seen", "source": "https://t.me/cvedetector/3206", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42353 - WordPress Uri Directory Traversal\", \n  \"Content\": \"CVE ID : CVE-2024-42353 \nPublished : Aug. 14, 2024, 9:15 p.m. | 39\u00a0minutes ago \nDescription : WebOb provides objects for HTTP requests and responses. When WebOb normalizes the HTTP Location header to include the request hostname, it does so by parsing the URL that the user is to be redirected to with Python's urlparse, and joining it to the base URL. `urlparse` however treats a `//` at the start of a string as a URI without a scheme, and then treats the next part as the hostname. `urljoin` will then use that hostname from the second part as the hostname replacing the original one from the request. This vulnerability is patched in WebOb version 1.8.8. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-15T00:05:21.000000Z"}, {"uuid": "477b063d-e9f8-4f8b-b698-3d45d9fe0e4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4235", "type": "seen", "source": "https://t.me/darkcommunityofficial/457", "content": "\ud83d\udea8 CVE-2024-4235\nA vulnerability classified as problematic was found in Netgear DG834Gv5 1.6.01.34. This vulnerability affects unknown code of the component Web Management Interface. The manipulation leads to cleartext storage of sensitive information. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-262126 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n\n\ud83c\udf96@cveNotify", "creation_timestamp": "2024-04-26T21:23:06.000000Z"}]}