{"vulnerability": "CVE-2024-4539", "sightings": [{"uuid": "c1389c41-f47c-42ec-ab97-8680d91174ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45397", "type": "seen", "source": "https://t.me/cvedetector/7688", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45397 - H2O HTTP Server IP SpoofingallowsforUnauthorizedRequests\", \n  \"Content\": \"CVE ID : CVE-2024-45397 \nPublished : Oct. 11, 2024, 3:15 p.m. | 31\u00a0minutes ago \nDescription : h2o is an HTTP server with support for HTTP/1.x, HTTP/2 and HTTP/3. When an HTTP request using TLS/1.3 early data on top of TCP Fast Open or QUIC 0-RTT packets is received and the IP-address-based access control is used, the access control does not detect and prohibit HTTP requests conveyed by packets with a spoofed source address. This behavior allows attackers on the network to execute HTTP requests from addresses that are otherwise rejected by the address-based access control. The vulnerability has been addressed in commit 15ed15a. Users may disable the use of TCP FastOpen and QUIC to mitigate the issue. \nSeverity: 5.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T17:51:53.000000Z"}, {"uuid": "c2a680fb-31e8-49bd-a334-0f911c8b1024", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45396", "type": "seen", "source": "https://t.me/cvedetector/7687", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45396 - Quicly QUIC Protocol Denial-of-Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45396 \nPublished : Oct. 11, 2024, 3:15 p.m. | 31\u00a0minutes ago \nDescription : Quicly is an IETF QUIC protocol implementation. Quicly up to commtit d720707 is susceptible to a denial-of-service attack. A remote attacker can exploit these bugs to trigger an assertion failure that crashes process using quicly. The vulnerability is addressed with commit 2a95896104901589c495bc41460262e64ffcad5c. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-11T17:51:50.000000Z"}, {"uuid": "7d3f62d3-7c73-4869-88f9-d61b43abc6b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45392", "type": "seen", "source": "https://t.me/cvedetector/4934", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45392 - SuiteCRM API Delete Vulnerability (Information Disclosure)\", \n  \"Content\": \"CVE ID : CVE-2024-45392 \nPublished : Sept. 5, 2024, 5:15 p.m. | 26\u00a0minutes ago \nDescription : SuiteCRM is an open-source customer relationship management (CRM) system. Prior to version 7.14.5 and 8.6.2, insufficient access control checks allow a threat actor to delete records via the API. Versions 7.14.5 and 8.6.2 contain a patch for the issue. \nSeverity: 7.7 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-05T19:43:06.000000Z"}, {"uuid": "57288922-4780-4926-9cf3-ef9667bac180", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45398", "type": "seen", "source": "https://t.me/cvedetector/5851", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45398 - Contao File Manager Executable File Upload Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45398 \nPublished : Sept. 17, 2024, 8:15 p.m. | 41\u00a0minutes ago \nDescription : Contao is an Open Source CMS. In affected versions a back end user with access to the file manager can upload malicious files and execute them on the server. Users are advised to update to Contao 4.13.49, 5.3.15 or 5.4.3. Users unable to update are advised to configure their web server so it does not execute PHP files and other scripts in the Contao file upload directory. \nSeverity: 8.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-17T23:08:38.000000Z"}, {"uuid": "d9d4a662-b5e7-4d2d-ad62-18a0e5e3bb15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45395", "type": "seen", "source": "https://t.me/cvedetector/4872", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45395 - sigstore-go Denial of Service Endless Data Attack\", \n  \"Content\": \"CVE ID : CVE-2024-45395 \nPublished : Sept. 4, 2024, 9:15 p.m. | 16\u00a0minutes ago \nDescription : sigstore-go, a Go library for Sigstore signing and verification, is susceptible to a denial of service attack in versions prior to 0.6.1 when a verifier is provided a maliciously crafted Sigstore Bundle containing large amounts of verifiable data, in the form of signed transparency log entries, RFC 3161 timestamps, and attestation subjects. The verification of these data structures is computationally expensive. This can be used to consume excessive CPU resources, leading to a denial of service attack. TUF's security model labels this type of vulnerability an \"Endless data attack,\" and can lead to verification failing to complete and disrupting services that rely on sigstore-go for verification. This vulnerability is addressed with sigstore-go 0.6.1, which adds hard limits to the number of verifiable data structures that can be processed in a bundle. Verification will fail if a bundle has data that exceeds these limits. The limits are 32 signed transparency log entries, 32 RFC 3161 timestamps, 1024 attestation subjects, and 32 digests per attestation subject. These limits are intended to be high enough to accommodate the vast majority of use cases, while preventing the verification of maliciously crafted bundles that contain large amounts of verifiable data. Users who are vulnerable but unable to quickly upgrade may consider adding manual bundle validation to enforce limits similar to those in the referenced patch prior to calling sigstore-go's verification functions. \nSeverity: 3.1 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T23:38:20.000000Z"}, {"uuid": "37880aec-0ba3-4e59-8491-1816f7425da9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45399", "type": "seen", "source": "https://t.me/cvedetector/4854", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45399 - Indico Cross-Site Scripting in Account Creation\", \n  \"Content\": \"CVE ID : CVE-2024-45399 \nPublished : Sept. 4, 2024, 8:15 p.m. | 27\u00a0minutes ago \nDescription : Indico is an event management system that uses Flask-Multipass, a multi-backend authentication system for Flask. In Indico prior to version 3.3.4, corresponding to Flask-Multipass prior to version 0.5.5, there is a Cross-Site-Scripting vulnerability during account creation when redirecting to the `next` URL. Exploitation requires initiating the account creation process with a maliciously crafted link, and then finalizing the signup process. Because of this, it can only target newly created (and thus unprivileged) Indico users. Indico 3.3.4 upgrades the dependency on Flask-Multipass to version 0.5.5, which fixes the issue. Those who build the Indico package themselves and cannot upgrade can update the `flask-multipass` dependency to `>=0.5.5` which fixes the vulnerability. Otherwise one could configure one's web server to disallow requests containing a query string with a `next` parameter that starts with `javascript:`. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T22:47:17.000000Z"}, {"uuid": "9ce1d69d-024b-4f32-87bb-49f803b37121", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45394", "type": "seen", "source": "https://t.me/cvedetector/4723", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45394 - Authenticator AES Key Brute Force Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45394 \nPublished : Sept. 3, 2024, 9:15 p.m. | 44\u00a0minutes ago \nDescription : Authenticator is a browser extensions that generates two-step verification codes. In versions 7.0.0 and below, encryption keys for user data were stored encrypted at-rest using only AES-256 and the EVP_BytesToKey KDF. Therefore, attackers with a copy of a user's data are able to brute-force the user's encryption key. Users on version 8.0.0 and above are automatically migrated away from the weak encoding on first login. Users should destroy encrypted backups made with versions prior to 8.0.0. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-04T00:10:02.000000Z"}, {"uuid": "3657f15f-8d5b-460c-a081-9a49c8a3d9ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45390", "type": "seen", "source": "https://t.me/cvedetector/4718", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45390 - Template James Bond\", \n  \"Content\": \"CVE ID : CVE-2024-45390 \nPublished : Sept. 3, 2024, 8:15 p.m. | 35\u00a0minutes ago \nDescription : @blakeembrey/template is a string template library. Prior to version 1.2.0, it is possible to inject and run code within the template if the attacker has access to write the template name. Version 1.2.0 contains a patch. As a workaround, don't pass untrusted input as the template display name, or don't use the display name feature. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-03T23:19:50.000000Z"}, {"uuid": "67a3e73d-d2c3-4c29-9e31-5d0de3388520", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45391", "type": "seen", "source": "https://t.me/cvedetector/4716", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45391 - Tina CMS CLI Search Token Leak\", \n  \"Content\": \"CVE ID : CVE-2024-45391 \nPublished : Sept. 3, 2024, 8:15 p.m. | 35\u00a0minutes ago \nDescription : Tina is an open-source content management system (CMS). Sites building with Tina CMS's command line interface (CLI) prior to version 1.6.2 that use a search token may be vulnerable to the search token being leaked via lock file (tina-lock.json). Administrators of Tina-enabled websites with search setup should rotate their key immediately. This issue has been patched in @tinacms/cli version 1.6.2. Upgrading and rotating the search token is required for the proper fix. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-03T23:19:48.000000Z"}, {"uuid": "397c9232-803c-4f25-b3e9-c562f36918cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45393", "type": "seen", "source": "https://t.me/cvedetector/5238", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45393 - CVAT Webhook Information Disclosure and Remote Code Execution Weakness\", \n  \"Content\": \"CVE ID : CVE-2024-45393 \nPublished : Sept. 10, 2024, 3:15 p.m. | 45\u00a0minutes ago \nDescription : Computer Vision Annotation Tool (CVAT) is an interactive video and image annotation tool for computer vision. An attacker with a CVAT account can access webhook delivery information for any webhook registered on the CVAT instance, including that of other users. For each delivery, this contains information about the event that caused the delivery, typically including full details about the object on which an action was performed (such as the task for an \"update:task\" event), and the user who performed the action. In addition, the attacker can redeliver any past delivery of any webhook, and trigger a ping event for any webhook. Upgrade to CVAT 2.18.0 or any later version. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-10T18:25:05.000000Z"}]}