{"vulnerability": "CVE-2024-4246", "sightings": [{"uuid": "c53cb8d4-66f8-407b-8d96-818604e95992", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42461", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8189", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aA firebeam plugin that exploits the CVE-2024-26229 vulnerability to perform elevation of privilege from a  privileged user\nURL\uff1ahttps://github.com/fevar54/CVE-2024-42461\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-06T22:20:33.000000Z"}, {"uuid": "c3bcdf59-819b-4ab7-9773-69639d9bc4b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42460", "type": "seen", "source": "https://t.me/cvedetector/2331", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42460 - Elliptic Node.js ECDSA Signature Malleability Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42460 \nPublished : Aug. 2, 2024, 7:16 a.m. | 30\u00a0minutes ago \nDescription : In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because there is a missing check for whether the leading bit of r and s is zero. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-02T09:50:12.000000Z"}, {"uuid": "5ef90e6c-51ba-4549-acb5-d75687c34fff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42463", "type": "seen", "source": "https://t.me/cvedetector/3336", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42463 - upKeeper Manager Insecure Authorization Allowance\", \n  \"Content\": \"CVE ID : CVE-2024-42463 \nPublished : Aug. 16, 2024, 2:15 p.m. | 43\u00a0minutes ago \nDescription : Authorization Bypass Through User-Controlled Key vulnerability in upKeeper Solutions product upKeeper Manager allows Utilizing REST's Trust in the System Resource to Obtain Sensitive Data.This issue affects upKeeper Manager: through 5.1.9. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-16T17:03:49.000000Z"}, {"uuid": "5e94d42c-d1a7-4edc-b3dd-36d3d2ea90d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42462", "type": "seen", "source": "https://t.me/cvedetector/3335", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42462 - upKeeper Manager Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-42462 \nPublished : Aug. 16, 2024, 2:15 p.m. | 43\u00a0minutes ago \nDescription : Improper Authentication vulnerability in upKeeper Solutions product upKeeper Manager allows Authentication Bypass.This issue affects upKeeper Manager: through 5.1.9. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-16T17:03:48.000000Z"}, {"uuid": "3ff50c66-59e3-430c-bbec-7ea6fca54114", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42464", "type": "seen", "source": "https://t.me/cvedetector/3334", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42464 - upKeeper Manager Authorization Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-42464 \nPublished : Aug. 16, 2024, 2:15 p.m. | 43\u00a0minutes ago \nDescription : Authorization Bypass Through User-Controlled Key vulnerability in upKeeper Solutions product upKeeper Manager allows Utilizing REST's Trust in the System Resource to Obtain Sensitive Data.This issue affects upKeeper Manager: through 5.1.9. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-16T17:03:47.000000Z"}, {"uuid": "06562e14-d0cd-4dfd-b28e-874f7ef326fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42466", "type": "seen", "source": "https://t.me/cvedetector/3333", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42466 - upKeeper Manager Authentication Abuse\", \n  \"Content\": \"CVE ID : CVE-2024-42466 \nPublished : Aug. 16, 2024, 2:15 p.m. | 43\u00a0minutes ago \nDescription : Improper Restriction of Excessive Authentication Attempts vulnerability in upKeeper Solutions product upKeeper Manager allows Authentication Abuse.This issue affects upKeeper Manager: through 5.1.9. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-16T17:03:46.000000Z"}, {"uuid": "3511b8eb-a38c-49f0-8c41-f680344ed736", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42465", "type": "seen", "source": "https://t.me/cvedetector/3331", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42465 - upKeeper Manager Authentication Abuse Allowance\", \n  \"Content\": \"CVE ID : CVE-2024-42465 \nPublished : Aug. 16, 2024, 2:15 p.m. | 43\u00a0minutes ago \nDescription : Improper Restriction of Excessive Authentication Attempts vulnerability in upKeeper Solutions product upKeeper Manager allows Authentication Abuse.This issue affects upKeeper Manager: through 5.1.9. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-16T17:03:43.000000Z"}, {"uuid": "287c3a62-9f9f-45d6-ad12-9c97edf68cef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42461", "type": "seen", "source": "https://t.me/cvedetector/2330", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42461 - Elliptic Node.js ECDSA Signature Malleability Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42461 \nPublished : Aug. 2, 2024, 7:16 a.m. | 30\u00a0minutes ago \nDescription : In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because BER-encoded signatures are allowed. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-02T09:50:11.000000Z"}]}