{"vulnerability": "CVE-2024-4629", "sightings": [{"uuid": "ce8ee8dd-59fc-436a-90b3-4a5343cfe2ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46292", "type": "seen", "source": "https://t.me/cvedetector/7500", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46292 - Apache Modsecurity Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-46292 \nPublished : Oct. 9, 2024, 4:15 p.m. | 38\u00a0minutes ago \nDescription : A buffer overflow in modsecurity v3.0.12 allows attackers to cause a Denial of Service (DoS) via a crafted input inserted into the name parameter. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-09T19:00:05.000000Z"}, {"uuid": "f3b4313c-5be1-474b-8eb8-6016ebb86231", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46293", "type": "seen", "source": "https://t.me/cvedetector/6654", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46293 - Sourcecodester Online Medicine Ordering System Admin Session Token Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-46293 \nPublished : Sept. 30, 2024, 3:15 p.m. | 38\u00a0minutes ago \nDescription : Sourcecodester Online Medicine Ordering System 1.0 is vulnerable to Incorrect Access Control. There is a lack of authorization checks for admin operations. Specifically, an attacker can perform admin-level actions without possessing a valid session token. The application does not verify whether the user is logged in as an admin or even check for a session token at all. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-30T18:19:45.000000Z"}, {"uuid": "84328b62-4443-4ae5-a0e2-bc133f77ad52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4629", "type": "seen", "source": "https://t.me/cvedetector/4721", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-4629 - Keycloak Brute Force Protection Timing Attack\", \n  \"Content\": \"CVE ID : CVE-2024-4629 \nPublished : Sept. 3, 2024, 8:15 p.m. | 44\u00a0minutes ago \nDescription : A vulnerability was found in Keycloak. This flaw allows attackers to bypass brute force protection by exploiting the timing of login attempts. By initiating multiple login requests simultaneously, attackers can exceed the configured limits for failed attempts before the system locks them out. This timing loophole enables attackers to make more guesses at passwords than intended, potentially compromising account security on affected systems. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-03T23:19:55.000000Z"}]}