{"vulnerability": "CVE-2024-4885", "sightings": [{"uuid": "feb76aa4-dc20-47f3-92aa-bd7a9da3fff9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48859", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113606852952938161", "content": "", "creation_timestamp": "2024-12-06T16:36:45.783910Z"}, {"uuid": "485edcae-75cf-4dfc-8180-374c4ad2ef73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48854", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpxlxod4d2h", "content": "", "creation_timestamp": "2025-01-14T19:15:55.544843Z"}, {"uuid": "d504ddd0-8fa2-463d-9688-de2d50838df4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48855", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpxlzxtha2b", "content": "", "creation_timestamp": "2025-01-14T19:15:57.996870Z"}, {"uuid": "d030a38b-2998-4dbb-8128-d29d87ad2d86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48857", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpxm7vclr2n", "content": "", "creation_timestamp": "2025-01-14T19:16:04.055935Z"}, {"uuid": "bf8d7e52-9cf3-45fd-9230-4a4929e3f206", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48856", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpxm4727j2f", "content": "", "creation_timestamp": "2025-01-14T19:16:00.161907Z"}, {"uuid": "3733903e-7ee8-4afd-870d-8a80fb7468f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48856", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113828360052318580", "content": "", "creation_timestamp": "2025-01-14T19:28:56.365234Z"}, {"uuid": "2187c99c-7b01-48bb-8b5f-a171282d6b66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48854", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113828360052318580", "content": "", "creation_timestamp": "2025-01-14T19:28:56.405410Z"}, {"uuid": "d4a0aeb9-9f24-4f15-a302-fbfab299c4b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48855", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113828360052318580", "content": "", "creation_timestamp": "2025-01-14T19:28:56.440169Z"}, {"uuid": "6c0d26bf-8867-4ba7-833a-933c1146fb2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48857", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113828360052318580", "content": "", "creation_timestamp": "2025-01-14T19:28:56.474259Z"}, {"uuid": "1dff40eb-0d99-4053-854e-49d607ee0c98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48858", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113828360052318580", "content": "", "creation_timestamp": "2025-01-14T19:28:56.511553Z"}, {"uuid": "4831d095-2aad-41db-996d-efd7d6141435", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48856", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113828437956667256", "content": "", "creation_timestamp": "2025-01-14T19:48:44.658787Z"}, {"uuid": "f28193ca-2ca4-4ad9-bb4d-a76e239854fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48858", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfq2x2vup32e", "content": "", "creation_timestamp": "2025-01-14T20:15:49.420902Z"}, {"uuid": "f37d7434-f141-4cf4-8a25-8672c3faf0c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48852", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgw3xdq7pz2g", "content": "", "creation_timestamp": "2025-01-29T23:15:05.134086Z"}, {"uuid": "a3caa899-3d67-45ff-ba1a-d87f29026a89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2024-12-07)", "content": "", "creation_timestamp": "2024-12-07T00:00:00.000000Z"}, {"uuid": "001f24f1-0486-4479-8a49-0444998ea97b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48852", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113913186573736765", "content": "", "creation_timestamp": "2025-01-29T19:01:25.821839Z"}, {"uuid": "b88c8452-8eb3-48b0-8091-8c2c534363cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48852", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgvolhve4v2p", "content": "", "creation_timestamp": "2025-01-29T19:15:45.816682Z"}, {"uuid": "7e8b1024-a653-4de2-a349-65d9999e0496", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48852", "type": "seen", "source": "https://bsky.app/profile/gothburz.bsky.social/post/3lgsrp3sorh23", "content": "", "creation_timestamp": "2025-01-28T15:33:29.179133Z"}, {"uuid": "9c5f83be-32e1-4837-a0c5-581978cef846", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48852", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113913606635491180", "content": "", "creation_timestamp": "2025-01-29T20:48:43.354342Z"}, {"uuid": "908e5dae-3be3-4cda-b3d3-df1af933679a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/3472168", "content": "", "creation_timestamp": "2025-03-03T15:58:12.739202Z"}, {"uuid": "3b91ac82-ca09-4d74-9121-e4e66c206bf3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48852", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lgxp7vphef22", "content": "", "creation_timestamp": "2025-01-30T14:32:30.822568Z"}, {"uuid": "9ad56807-d8e1-45d8-9c5b-3c2efa56e9b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-05-15)", "content": "", "creation_timestamp": "2025-05-15T00:00:00.000000Z"}, {"uuid": "a3fc5b55-973d-4a7e-81fe-52294dfd0d53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-03-03T18:10:04.000000Z"}, {"uuid": "a29892de-1568-4933-bfb4-8d267ec2b4d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3ljjiqoibmk2j", "content": "", "creation_timestamp": "2025-03-04T03:14:57.554738Z"}, {"uuid": "a3081ac9-fa99-49d9-8fa2-0189955ceb74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3ljleerdxzw2q", "content": "", "creation_timestamp": "2025-03-04T21:02:05.300559Z"}, {"uuid": "49dac62e-2e27-4fd4-8d22-35fdfca104de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "seen", "source": "https://bsky.app/profile/nihonmatsu.bsky.social/post/3ljnfrdwpgs2i", "content": "", "creation_timestamp": "2025-03-05T16:32:20.332119Z"}, {"uuid": "f24cb521-f15c-45ac-bc51-890a3dc70bdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48852", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-051-02", "content": "", "creation_timestamp": "2025-02-20T11:00:00.000000Z"}, {"uuid": "a15012dd-6f38-41c4-86cc-116c2367f694", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-03-06T04:40:22.000000Z"}, {"uuid": "4ad57c8c-8a33-406e-b098-95499e9c4cfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48852", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lmngl3lp4t2u", "content": "", "creation_timestamp": "2025-04-12T21:02:21.341136Z"}, {"uuid": "8bbdae24-2694-4822-b874-4cf527e04a91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-10-05)", "content": "", "creation_timestamp": "2025-10-05T00:00:00.000000Z"}, {"uuid": "ccfad03f-e570-4898-a88c-d6fdb1f11c20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-26)", "content": "", "creation_timestamp": "2025-06-26T00:00:00.000000Z"}, {"uuid": "5b7e61a6-6854-4429-9d92-af6e9b0798c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48851", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-310-03", "content": "", "creation_timestamp": "2025-11-06T11:00:00.000000Z"}, {"uuid": "2c773a1c-1837-475d-85e4-2bc56d29caa0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-10)", "content": "", "creation_timestamp": "2025-11-10T00:00:00.000000Z"}, {"uuid": "f7a9db12-5482-42f1-a141-32adbbaba32b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48851", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lz4gzk45vb2a", "content": "", "creation_timestamp": "2025-09-18T13:22:34.957390Z"}, {"uuid": "b9833d76-95bf-4dda-abdf-1970bbf2a937", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48855", "type": "seen", "source": "https://t.me/cvedetector/15350", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48855 - QNX SDP TIFF Image Codec Out-of-bounds Read Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48855 \nPublished : Jan. 14, 2025, 7:15 p.m. | 26\u00a0minutes ago \nDescription : Out-of-bounds read in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image codec. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-14T20:42:28.000000Z"}, {"uuid": "b86d6cc3-5f71-4673-b519-0bdf57cb408f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-4885", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/aef35cd6-09c1-46ef-acbc-65df705001b1", "content": "", "creation_timestamp": "2026-02-02T12:26:09.326444Z"}, {"uuid": "f31ca280-9350-4278-991c-20efd4d504d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-27)", "content": "", "creation_timestamp": "2026-02-27T00:00:00.000000Z"}, {"uuid": "6a54db86-3852-4b30-a58d-b59e51fb506c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48854", "type": "seen", "source": "https://t.me/cvedetector/15349", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48854 - QNX TIFF Image Codec Off-by-One Image Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-48854 \nPublished : Jan. 14, 2025, 7:15 p.m. | 26\u00a0minutes ago \nDescription : Off-by-one error in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image codec. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-14T20:42:27.000000Z"}, {"uuid": "8a70c4b5-a612-435e-a293-79f0c218325b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48857", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1565", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-48857\n\ud83d\udd39 Description: NULL pointer dereference in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition in the context of the process using the image codec.\n\ud83d\udccf Published: 2025-01-14T19:06:38.040Z\n\ud83d\udccf Modified: 2025-01-14T19:06:38.040Z\n\ud83d\udd17 References:\n1. https://support.blackberry.com/pkb/s/article/140334", "creation_timestamp": "2025-01-14T19:09:28.000000Z"}, {"uuid": "689ca5b2-5655-4eda-972f-5b4ff4713853", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48855", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1570", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-48855\n\ud83d\udd39 Description: Out-of-bounds read in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image codec.\n\ud83d\udccf Published: 2025-01-14T18:59:25.736Z\n\ud83d\udccf Modified: 2025-01-14T18:59:25.736Z\n\ud83d\udd17 References:\n1. https://support.blackberry.com/pkb/s/article/140334", "creation_timestamp": "2025-01-14T19:09:50.000000Z"}, {"uuid": "f87586a8-1992-4166-a191-93a939774168", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48854", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1578", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-48854\n\ud83d\udd39 Description: Off-by-one error in the TIFF image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause an information disclosure in the context of the process using the image codec.\n\ud83d\udccf Published: 2025-01-14T18:53:25.936Z\n\ud83d\udccf Modified: 2025-01-14T18:53:25.936Z\n\ud83d\udd17 References:\n1. https://support.blackberry.com/pkb/s/article/140334", "creation_timestamp": "2025-01-14T19:10:28.000000Z"}, {"uuid": "f166f3fc-1255-44f9-b26d-d5d99f466f8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6283", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-4885\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: In WhatsUp Gold versions released before 2023.1.3,\u00a0an unauthenticated Remote Code Execution vulnerability in Progress WhatsUpGold.\u00a0\u00a0The \n\nWhatsUp.ExportUtilities.Export.GetFileWithoutZip\n\n\n\n allows execution of commands with iisapppool\\nmconsole privileges.\n\ud83d\udccf Published: 2024-06-25T19:48:15.268Z\n\ud83d\udccf Modified: 2025-03-03T20:14:13.636Z\n\ud83d\udd17 References:\n1. https://www.progress.com/network-monitoring\n2. https://community.progress.com/s/article/WhatsUp-Gold-Security-Bulletin-June-2024", "creation_timestamp": "2025-03-03T20:30:49.000000Z"}, {"uuid": "540d41b5-8aa8-4007-aaad-d05d434150b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48856", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1568", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-48856\n\ud83d\udd39 Description: Out-of-bounds write in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition or execute code in the context of the process using the image codec.\n\ud83d\udccf Published: 2025-01-14T19:03:33.883Z\n\ud83d\udccf Modified: 2025-01-14T19:03:33.883Z\n\ud83d\udd17 References:\n1. https://support.blackberry.com/pkb/s/article/140334", "creation_timestamp": "2025-01-14T19:09:39.000000Z"}, {"uuid": "07324a8e-c973-496b-983f-40d03c6df3fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/12133", "content": "https://github.com/sinsinology/CVE-2024-4885\n\nPoC for CVE-2024-4885 Progress WhatsUp Gold GetFileWithoutZip Unauthenticated Remote Code Execution\n#github  #poc", "creation_timestamp": "2024-07-09T21:15:21.000000Z"}, {"uuid": "f162d906-11ea-418e-8cdf-b9f7b9c16a84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48858", "type": "seen", "source": "https://t.me/cvedetector/15367", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48858 - QNX SSD Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48858 \nPublished : Jan. 14, 2025, 8:15 p.m. | 37\u00a0minutes ago \nDescription : Improper input validation in the PCX image codec in QNX SDP versions 8.0, 7.1 and 7.0 could allow an unauthenticated attacker to cause a denial-of-service condition in the context of the process using the image codec. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-14T22:23:00.000000Z"}, {"uuid": "83f991e7-25cd-4916-a741-79a19ac7346b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48850", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17340", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-48850\n\ud83d\udd25 CVSS Score: 7.5 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:H/AT:P/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/R:U/V:C)\n\ud83d\udd39 Description: Absolute File Traversal vulnerabilities in ASPECT allows access and modification of unintended resources.\nThis issue affects ASPECT-Enterprise: through 3.08.03; NEXUS Series: through 3.08.03; MATRIX Series: through 3.08.03.\n\ud83d\udccf Published: 2025-05-22T16:45:45.409Z\n\ud83d\udccf Modified: 2025-05-22T17:30:39.471Z\n\ud83d\udd17 References:\n1. https://search.abb.com/library/Download.aspx?DocumentID=9AKK108471A0021&amp;LanguageCode=en&amp;DocumentPartId=pdf&amp;Action=Launch", "creation_timestamp": "2025-05-22T17:43:44.000000Z"}, {"uuid": "8def39c3-7147-4afb-9b10-85d1c6ae665a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48852", "type": "seen", "source": "https://t.me/cvedetector/16699", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48852 - FLEXON Log File Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48852 \nPublished : Jan. 29, 2025, 7:15 p.m. | 1\u00a0hour, 7\u00a0minutes ago \nDescription : Insertion of Sensitive Information into Log File vulnerability observed in FLEXON. Some information may be improperly disclosed through https access.  \n   \n  \nThis issue affects FLXEON through &lt;=\nSeverity: 9.4 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-29T21:32:23.000000Z"}, {"uuid": "02329887-e1d1-4549-9c72-c1c768bd963c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "exploited", "source": "Telegram/zvA9mxiL6w9Olhtrl4qEfzXVUJenrhbynzhr-SNhe3DaBg", "content": "", "creation_timestamp": "2024-08-08T09:21:30.000000Z"}, {"uuid": "5aeb28d3-b354-4a56-8350-3af9b108df48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/12033", "content": "https://github.com/sinsinology/CVE-2024-4885\n\nhttps://summoning.team/blog/progress-whatsup-gold-rce-cve-2024-4885/\n\nWhatsUp Gold Pre-Auth RCE GetFileWithoutZip Primitive\nCVE-2024-4885", "creation_timestamp": "2024-07-08T18:42:49.000000Z"}, {"uuid": "b4902146-1691-4ccc-9637-82a29bbbdb8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48859", "type": "seen", "source": "https://t.me/cvedetector/12259", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48859 - An improper authentication vulnerability has been\", \n  \"Content\": \"CVE ID : CVE-2024-48859 \nPublished : Dec. 6, 2024, 5:15 p.m. | 35\u00a0minutes ago \nDescription : An improper authentication vulnerability has been reported to affect several QNAP operating system versions. If exploited, the vulnerability could allow remote attackers to compromise the security of the system.  \n  \nWe have already fixed the vulnerability in the following versions:  \nQTS 5.1.9.2954 build 20241120 and later  \nQTS 5.2.2.2950 build 20241114 and later  \nQuTS hero h5.1.9.2954 build 20241120 and later  \nQuTS hero h5.2.2.2952 build 20241116 and later \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-06T18:58:32.000000Z"}, {"uuid": "a4041603-8d83-4da2-809d-27e9d9fbe800", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/1198", "content": "https://github.com/sinsinology/CVE-2024-4885\n\nhttps://summoning.team/blog/progress-whatsup-gold-rce-cve-2024-4885/\n\nWhatsUp Gold Pre-Auth RCE GetFileWithoutZip Primitive\nCVE-2024-4885", "creation_timestamp": "2024-07-08T18:42:49.000000Z"}, {"uuid": "9d65b7a6-dff1-4a41-9050-2cb65d2b5f2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/1202", "content": "https://github.com/sinsinology/CVE-2024-4885\n\nPoC for CVE-2024-4885 Progress WhatsUp Gold GetFileWithoutZip Unauthenticated Remote Code Execution\n#github  #poc", "creation_timestamp": "2024-07-09T21:15:21.000000Z"}, {"uuid": "d37b6a8a-c035-49f6-8d5b-334e2fbf7103", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "published-proof-of-concept", "source": "https://t.me/SouthSumatraCyberTeamSSCT/800", "content": "https://github.com/sinsinology/CVE-2024-4885\n\nhttps://summoning.team/blog/progress-whatsup-gold-rce-cve-2024-4885/\n\nWhatsUp Gold Pre-Auth RCE GetFileWithoutZip Primitive\nCVE-2024-4885", "creation_timestamp": "2024-07-09T00:58:46.000000Z"}, {"uuid": "f26e6303-4e1f-43c4-a192-aff79e2e5670", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "published-proof-of-concept", "source": "Telegram/E0K4SacbBo7vvN_grN7HUJjKIuPNHN1egbc3qXVTBTE2Hg", "content": "", "creation_timestamp": "2024-07-11T07:55:58.000000Z"}, {"uuid": "f5970ca2-ec6d-40aa-89ae-48f341514b02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/17245", "content": "The Hacker News\nCritical Security Flaw in WhatsUp Gold Under Active Attack - Patch Now\n\nA critical security flaw impacting Progress Software WhatsUp Gold is seeing active exploitation attempts, making it essential that users move quickly to apply the latest.\nThe vulnerability in question is CVE-2024-4885 (CVSS score: 9.8), an unauthenticated remote code execution bug impacting versions of the network monitoring application released before 2023.1.3.\n\"The", "creation_timestamp": "2024-08-08T09:21:31.000000Z"}, {"uuid": "24440a7f-fc38-4b1e-8974-caeea7884f23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "exploited", "source": "Telegram/ig3mk0mX2RqfN7z3-jznsaNAylNbMPY5OpS0fe2_ouUyfg", "content": "", "creation_timestamp": "2024-08-08T08:34:10.000000Z"}, {"uuid": "91ca6f70-76fc-4a0e-b261-0d3d4d93fe7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "published-proof-of-concept", "source": "Telegram/FUryBaeTd16I_Z_BI23kcNzYjlRgHXorESHpEaaZvMk8bEI", "content": "", "creation_timestamp": "2024-07-11T04:35:45.000000Z"}, {"uuid": "cabc2484-b708-462a-8ce0-3468e6064999", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "published-proof-of-concept", "source": "Telegram/yyHU4AmcuvzMH7Mr_Iyg6WOXfkLoQk9lbnAqVqjqphJYHjY", "content": "", "creation_timestamp": "2024-08-09T09:36:15.000000Z"}, {"uuid": "a1fa7619-8dac-43b4-b4e1-415d4f1cce53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/3383", "content": "The Hacker News\nCritical Security Flaw in WhatsUp Gold Under Active Attack - Patch Now\n\nA critical security flaw impacting Progress Software WhatsUp Gold is seeing active exploitation attempts, making it essential that users move quickly to apply the latest.\nThe vulnerability in question is CVE-2024-4885 (CVSS score: 9.8), an unauthenticated remote code execution bug impacting versions of the network monitoring application released before 2023.1.3.\n\"The", "creation_timestamp": "2024-08-08T09:21:31.000000Z"}, {"uuid": "0a0cd17a-5d52-4656-82bf-86a56b977a68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "seen", "source": "https://t.me/cyberden_team/507", "content": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 WhatsUp Gold: \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u044f \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445 \u0441\u0435\u043a\u0440\u0435\u0442\u043e\u0432\n\n\ud83d\udda5 \u0412 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u043c \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u0438 WhatsUp Gold \u043e\u0442 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Progress \u0431\u044b\u043b\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 \u0431\u0435\u0437 \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\n\ud83d\udcca \u041e\u0431\u043e\u0437\u043d\u0430\u0447\u0435\u043d\u043d\u0430\u044f \u043a\u0430\u043a CVE-2024-4885, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u043e\u0439 \u043e\u0431\u0445\u043e\u0434\u0430 \u043f\u0443\u0442\u0438 \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u043d\u0430\u0434 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u043c.\n\n\ud83e\udee1 \u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f Progress \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u043e\u0442\u0440\u0435\u0430\u0433\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u043d\u0430 \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u0435 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0438 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0449\u0435\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443.  \n\n#\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c #\u043a\u0438\u0431\u0435\u0440\u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c #\u0434\u0430\u043d\u043d\u044b\u0435\u0432\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 #WhatsUpGold\n\n@ZerodayAlert", "creation_timestamp": "2024-07-10T20:19:38.000000Z"}, {"uuid": "7cbf22ea-e6c5-463e-93ab-977fb3659b9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "exploited", "source": "https://t.me/KomunitiSiber/2368", "content": "Critical Security Flaw in WhatsUp Gold Under Active Attack - Patch Now\nhttps://thehackernews.com/2024/08/critical-security-flaw-in-whatsup-gold.html\n\nA critical security flaw impacting Progress Software WhatsUp Gold is seeing active exploitation attempts, making it essential that users move quickly to apply the latest.\nThe vulnerability in question is CVE-2024-4885 (CVSS score: 9.8), an unauthenticated remote code execution bug impacting versions of the network monitoring application released before 2023.1.3.\n\"The", "creation_timestamp": "2024-08-08T12:02:46.000000Z"}, {"uuid": "10302d7b-a58e-4ba9-8f56-a954603d37a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "published-proof-of-concept", "source": "Telegram/pAhChO9CuHFdbSib_WxE7CILDZQiorOLN-cRrdUQx_hBETw", "content": "", "creation_timestamp": "2024-08-30T16:08:05.000000Z"}, {"uuid": "962c15fc-58eb-4ae4-aba6-c4e6c12a1815", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6078", "content": "\u0412 \u0434\u043e\u0433\u043e\u043d\u043a\u0443 \u043a Cisco, \u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u043e\u0431\u0440\u0430\u0442\u0438\u0442\u044c \u0432\u043d\u0438\u043c\u0430\u043d\u0438\u0435 \u0438 \u0440\u044f\u0434 \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Claroty \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438  \u0434\u0432\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 \u041f\u041b\u041a \u0438\u0437\u0440\u0430\u0438\u043b\u044c\u0441\u043a\u043e\u0439 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Unitronics, \u0442\u043e\u0439 \u0441\u0430\u043c\u043e\u0439, \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0432 \u043f\u0440\u043e\u0448\u043b\u043e\u043c \u0433\u043e\u0434\u0443 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u0438\u0440\u0430\u043d\u0441\u043a\u0430\u044f \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 Cyber Av3ngers. \u041e\u0431\u0435 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u044b\u043b\u0438 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u044b.\n\nJenkins \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0430 \u0434\u0432\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u043e\u0441\u043d\u043e\u0432\u043d\u044b\u0445 \u0444\u0430\u0439\u043b\u043e\u0432 \u043f\u0440\u043e\u0435\u043a\u0442\u0430.\n\n\u0422\u0440\u0430\u0434\u0438\u0446\u0438\u043e\u043d\u043d\u043e \u0445\u0430\u043a\u0435\u0440\u044b \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u044b Progress, \u043d\u0430 \u044d\u0442\u043e\u0442 \u0440\u0430\u0437 \u0434\u043e\u0441\u0442\u0430\u043b\u043e\u0441\u044c \u0440\u0435\u0448\u0435\u043d\u0438\u044e \u0434\u043b\u044f \u043c\u043e\u043d\u0438\u0442\u043e\u0440\u0438\u043d\u0433\u0430 \u0441\u0435\u0442\u0438 WhatsUp Gold.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Shadowserver Foundation, \u0430\u0442\u0430\u043a\u0438 \u043d\u0430\u0447\u0430\u043b\u0438\u0441\u044c \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 \u0438 \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u044b \u043d\u0430 \u043e\u0448\u0438\u0431\u043a\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0434\u043e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 (CVE-2024-4885), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u043d\u0430\u0447\u0430\u043b\u0435 \u0438\u044e\u043d\u044f. \n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0438 PoC \u0431\u044b\u043b\u0438 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0441 \u043d\u0430\u0447\u0430\u043b\u0430 \u0438\u044e\u043b\u044f.\n\n1Password \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 CVE-2024-42219 \u0432 \u0441\u0432\u043e\u0435\u043c \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0438 \u0434\u043b\u044f macOS, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u043c \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f\u043c \u0432\u044b\u0434\u0430\u0432\u0430\u0442\u044c \u0441\u0435\u0431\u044f \u0437\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0435 1Password \u0438 \u043a\u0440\u0430\u0441\u0442\u044c \u0434\u0430\u043d\u043d\u044b\u0435 \u043f\u0430\u0440\u043e\u043b\u0435\u0439 \u0438\u0437 \u0435\u0433\u043e \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430.\n\nGoogle \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0435\u00a0\u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0434\u043b\u044f CVE-2023-2163 - \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u0434\u0440\u0430\u0439\u0432\u0435\u0440\u0435 \u044f\u0434\u0440\u0430 Linux eBPF, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f LPE \u0438 \u0430\u0442\u0430\u043a \u0441 \u0446\u0435\u043b\u044c\u044e \u0432\u044b\u0445\u043e\u0434\u0430 \u0438\u0437 \u043a\u043e\u043d\u0442\u0435\u0439\u043d\u0435\u0440\u0430.\n\nSonos \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0432\u043e\u0438\u0445 \u0443\u043c\u043d\u044b\u0445 \u043a\u043e\u043b\u043e\u043d\u043a\u0430\u0445, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u043e\u0448\u0438\u0431\u043a\u0443 CVE-2023-50809.\n\n\u041e\u043d\u0430 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c, \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0438\u043c\u0441\u044f \u0432 \u0437\u043e\u043d\u0435 \u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f Wi-Fi \u0446\u0435\u043b\u0435\u0432\u043e\u0433\u043e \u0441\u043c\u0430\u0440\u0442-\u0434\u0438\u043d\u0430\u043c\u0438\u043a\u0430 Sonos, \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u043d\u0430\u0434 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u043e\u043c \u0441 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044f\u043c\u0438 \u0441\u043a\u0440\u044b\u0442\u043d\u043e \u0437\u0430\u043f\u0438\u0441\u044b\u0432\u0430\u0442\u044c \u0437\u0432\u0443\u043a.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 NCC Group \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u0435 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u0441 \u0432\u0438\u0434\u0435\u043e, \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u0443\u044e\u0449\u0438\u043c \u0440\u0435\u0430\u043b\u044c\u043d\u0443\u044e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0437\u0430\u043f\u0438\u0441\u0438 \u043e\u043a\u0440\u0443\u0436\u0430\u044e\u0449\u0435\u0433\u043e \u0437\u0432\u0443\u043a\u0430.", "creation_timestamp": "2024-08-09T16:50:05.000000Z"}, {"uuid": "7fead274-bb13-4b8a-8b15-092c9f0f6049", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/8953", "content": "WhatsUp Gold Pre-Auth RCE GetFileWithoutZip Primitive\n\nhttps://summoning.team/blog/progress-whatsup-gold-rce-cve-2024-4885", "creation_timestamp": "2024-07-23T01:02:48.000000Z"}, {"uuid": "4cef0bb7-a53b-4485-bfe3-c9df17a7e0c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "exploited", "source": "https://t.me/thehackernews/5379", "content": "A critical security flaw in Progress Software's WhatsUp Gold is under active exploitation. \n \nThis vulnerability allows unauthenticated remote code execution, posing a severe threat to network security. \n \nThe flaw (CVE-2024-4885) affects versions released before 2023.1.3. A PoC exploit is already in circulation. \n \nRead: https://thehackernews.com/2024/08/critical-security-flaw-in-whatsup-gold.html \n \nUpdate to the latest version immediately to protect your systems!", "creation_timestamp": "2024-08-08T07:35:36.000000Z"}, {"uuid": "e8a09a0b-5658-4b05-aa2b-335cc1b8734e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2765", "content": "https://github.com/sinsinology/CVE-2024-4885\n\nhttps://summoning.team/blog/progress-whatsup-gold-rce-cve-2024-4885/\n\nWhatsUp Gold Pre-Auth RCE GetFileWithoutZip Primitive\nCVE-2024-4885\n#github  #\u5206\u6790", "creation_timestamp": "2024-07-08T18:41:24.000000Z"}, {"uuid": "8da32458-4f35-4b4f-b913-3486b81d987d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "published-proof-of-concept", "source": "https://t.me/fattahh_ir/2172", "content": "https://github.com/sinsinology/CVE-2024-4885\n\nhttps://summoning.team/blog/progress-whatsup-gold-rce-cve-2024-4885/\n\nWhatsUp Gold Pre-Auth RCE GetFileWithoutZip Primitive\nCVE-2024-4885", "creation_timestamp": "2024-07-08T19:17:30.000000Z"}, {"uuid": "021eb7e6-bdc3-4d14-b1c1-ba9910ce08b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2770", "content": "https://github.com/sinsinology/CVE-2024-4885\n\nPoC for CVE-2024-4885 Progress WhatsUp Gold GetFileWithoutZip Unauthenticated Remote Code Execution\n#github  #poc", "creation_timestamp": "2024-07-09T16:36:01.000000Z"}, {"uuid": "1e06ad0b-c1dd-4283-9365-5a4ca90a4107", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4885", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10809", "content": "#exploit\n1. CVE-2024-36404:\nRCE in evaluating XPath expressions\nhttps://github.com/geotools/geotools/security/advisories/GHSA-w3pj-wh35-fq8w\n\n2. CVE-2022-24785:\nMomentJS Path Traversal\nhttps://0xjay.com/how-cve-2022-24785-momentjs-path-traversal-works-detailed-exploit-guide\n\n3. CVE-2024-4885:\nProgress WhatsUp Gold GetFileWithoutZip Unauthenticated RCE\nhttps://github.com/sinsinology/CVE-2024-4885", "creation_timestamp": "2024-07-09T16:34:26.000000Z"}]}