{"vulnerability": "CVE-2024-4238", "sightings": [{"uuid": "8eddb584-3f0b-4dc1-94a9-fab33f5b3e33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-42386", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113503319163297447", "content": "", "creation_timestamp": "2024-11-18T09:46:46.134825Z"}, {"uuid": "48cbeee8-3884-4a0e-9e4f-9af59b50b528", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-42387", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113503319177654437", "content": "", "creation_timestamp": "2024-11-18T09:46:46.178493Z"}, {"uuid": "0f643d5c-adc4-4741-b7c1-a6fb32fb89e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-42388", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113503319191424633", "content": "", "creation_timestamp": "2024-11-18T09:46:46.292838Z"}, {"uuid": "990f14c4-1e6b-4a56-b961-2853adb45045", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-42389", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113503319205121302", "content": "", "creation_timestamp": "2024-11-18T09:46:46.332144Z"}, {"uuid": "41afb057-2784-48c8-8a63-79957b5a0581", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-42383", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113503260134233857", "content": "", "creation_timestamp": "2024-11-18T09:31:45.337137Z"}, {"uuid": "2fb3eea2-5209-4c15-938b-0344b7c6c435", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-42384", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113503260147992736", "content": "", "creation_timestamp": "2024-11-18T09:31:45.671473Z"}, {"uuid": "913e0cd1-4670-42b8-b3f1-ac11fbf86636", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-42385", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113503260162776797", "content": "", "creation_timestamp": "2024-11-18T09:31:46.150081Z"}, {"uuid": "9329725d-d466-4846-bba9-5cb24aa9b023", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42388", "type": "seen", "source": "https://t.me/cvedetector/11314", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42388 - Cesanta Mongoose Web Server TLS Out-of-range Pointer Offset Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42388 \nPublished : Nov. 18, 2024, 10:15 a.m. | 46\u00a0minutes ago \nDescription : Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-18T12:22:02.000000Z"}, {"uuid": "882b263f-3124-4fdf-8a2e-29042a4c6947", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42386", "type": "seen", "source": "MISP/1c5c38d6-3401-41ac-be0e-4cf361fa6f51", "content": "", "creation_timestamp": "2025-09-25T00:36:29.000000Z"}, {"uuid": "1da5b090-41ee-450c-b98e-ac0efe569784", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42383", "type": "seen", "source": "https://t.me/cvedetector/11317", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42383 - Cesanta Mongoose Web Server HTTP Response Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2024-42383 \nPublished : Nov. 18, 2024, 10:15 a.m. | 46\u00a0minutes ago \nDescription : Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows to write a NULL byte value beyond the memory space dedicated for the hostname field. \nSeverity: 4.2 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-18T12:22:08.000000Z"}, {"uuid": "0536d79f-38f3-4988-9a15-f38345a3383f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42387", "type": "seen", "source": "https://t.me/cvedetector/11313", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42387 - Cesanta Mongoose Web Server Heap Ra raids\", \n  \"Content\": \"CVE ID : CVE-2024-42387 \nPublished : Nov. 18, 2024, 10:15 a.m. | 46\u00a0minutes ago \nDescription : Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-18T12:22:02.000000Z"}, {"uuid": "72f73c47-52fb-4714-ab65-0038ae762fa4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42386", "type": "seen", "source": "https://t.me/cvedetector/11312", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42386 - Cesanta Mongoose Web Server TLS Pointer Offset Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42386 \nPublished : Nov. 18, 2024, 10:15 a.m. | 46\u00a0minutes ago \nDescription : Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application. \nSeverity: 8.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-18T12:22:01.000000Z"}, {"uuid": "9143f245-0532-4ff4-8dfb-e8566cdf2a23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42385", "type": "seen", "source": "https://t.me/cvedetector/11311", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42385 - Cesanta Mongoose Web Server Certificate Delimiter Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42385 \nPublished : Nov. 18, 2024, 10:15 a.m. | 46\u00a0minutes ago \nDescription : Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an out-of-bound memory write if the PEM certificate contains unexpected characters. \nSeverity: 4.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-18T12:21:57.000000Z"}, {"uuid": "1378ad52-89ff-4c0b-897e-e6e1fdb1f317", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42387", "type": "seen", "source": "MISP/1c5c38d6-3401-41ac-be0e-4cf361fa6f51", "content": "", "creation_timestamp": "2025-09-25T00:36:29.000000Z"}, {"uuid": "0c7b418e-88b1-4f0b-8511-0ec653d15e16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42381", "type": "seen", "source": "https://t.me/cvedetector/2114", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42381 - Homebrew ELF File Execution via Untrusted Source\", \n  \"Content\": \"CVE ID : CVE-2024-42381 \nPublished : July 31, 2024, 6:15 a.m. | 39\u00a0minutes ago \nDescription : os/linux/elf.rb in Homebrew brew before 4.2.20 uses ldd to load ELF files obtained from untrusted sources, which allows attackers to achieve code execution via an ELF file with a custom .interp section. NOTE: this code execution would occur during an un-sandboxed binary relocation phase, which occurs before a user would expect execution of downloaded package content. (237d1e783f7ee261beaba7d3f6bde22da7148b0a was the tested vulnerable version.) \nSeverity: 8.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-31T09:18:45.000000Z"}, {"uuid": "8d9792f4-fc03-4521-8466-43fe5be053ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42380", "type": "seen", "source": "https://t.me/cvedetector/5157", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42380 - SAP Workplace Favourites Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-42380 \nPublished : Sept. 10, 2024, 3:15 a.m. | 35\u00a0minutes ago \nDescription : The RFC enabled function module allows a low privileged user to read any user's workplace favourites and user menu along with all the specific data of each node. Usernames can be enumerated by exploiting vulnerability. There is low impact on confidentiality of the application. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-10T05:52:01.000000Z"}, {"uuid": "cc34fad2-6660-4be8-9c39-25387a42c8ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42384", "type": "seen", "source": "https://t.me/cvedetector/11318", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42384 - Cesanta Mongoose Web Server TLS Integer Overflow\", \n  \"Content\": \"CVE ID : CVE-2024-42384 \nPublished : Nov. 18, 2024, 10:15 a.m. | 46\u00a0minutes ago \nDescription : Integer Overflow or Wraparound vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-18T12:22:09.000000Z"}, {"uuid": "a80d108a-db8c-44f1-a9c5-a94656d2e962", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42389", "type": "seen", "source": "https://t.me/cvedetector/11307", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42389 - Mongoose Web Server TLS Pointer Offset Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42389 \nPublished : Nov. 18, 2024, 10:15 a.m. | 46\u00a0minutes ago \nDescription : Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-18T12:21:54.000000Z"}]}