{"vulnerability": "CVE-2024-4950", "sightings": [{"uuid": "653bc88d-0651-4269-a418-2f9532d995c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49504", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113476213151539862", "content": "", "creation_timestamp": "2024-11-13T14:53:20.781854Z"}, {"uuid": "25dc77a2-a2ce-40e1-b946-1e10202bdc77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49507", "type": "seen", "source": "https://t.me/cvedetector/10741", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49507 - Adobe InDesign Heap-based Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49507 \nPublished : Nov. 12, 2024, 9:15 p.m. | 45\u00a0minutes ago \nDescription : InDesign Desktop versions ID18.5.3, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T23:05:57.000000Z"}, {"uuid": "c9d5a080-d84d-4ffa-9ae4-fcd6a1462e69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49506", "type": "seen", "source": "https://t.me/cvedetector/10822", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49506 - \"IBM AIX Temporary File Insecure Creation Denial of Service Directory Traversal Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-49506 \nPublished : Nov. 13, 2024, 3:15 p.m. | 38\u00a0minutes ago \nDescription : Insecure creation of temporary files allows local users on systems with non-default configurations to cause denial of service or set the encryption key for a filesystem \nSeverity: 0.0 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T17:13:31.000000Z"}, {"uuid": "ce827dc6-72b0-497d-a4a4-6b04937f67c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49501", "type": "seen", "source": "https://t.me/cvedetector/9563", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49501 - Omron Sysmac Studio Incorrect Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49501 \nPublished : Nov. 1, 2024, 5:15 a.m. | 43\u00a0minutes ago \nDescription : Sysmac Studio provided by OMRON Corporation contains an incorrect authorization vulnerability. If this vulnerability is exploited, an attacker may access the program which is protected by Data Protection function. \nSeverity: 5.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-01T07:09:18.000000Z"}, {"uuid": "d2990072-e323-4d9f-9476-4e7feddfd235", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49505", "type": "seen", "source": "https://t.me/cvedetector/10828", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49505 - OpenSUSE Tumbleweed MirrorCache Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-49505 \nPublished : Nov. 13, 2024, 3:15 p.m. | 38\u00a0minutes ago \nDescription : A Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in openSUSE Tumbleweed MirrorCache allows the execution of arbitrary JS via reflected XSS in the\u00a0 REGEX and P parameters.  \nThis issue affects MirrorCache before 1.083. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T17:13:38.000000Z"}, {"uuid": "25072776-d4a6-4dd4-90de-28f33f27eafd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49504", "type": "seen", "source": "https://t.me/cvedetector/10827", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49504 - Grub2 Encrypted Disk File Access Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49504 \nPublished : Nov. 13, 2024, 3:15 p.m. | 38\u00a0minutes ago \nDescription : grub2 allowed attackers with access to the grub shell to access files on the encrypted disks. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T17:13:37.000000Z"}, {"uuid": "6cdd925f-5f88-4f33-97d6-df03d94a7187", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-49504", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "5b60c54b-cac5-4447-9925-71c6cdbb7468", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4950", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9452", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-4950\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Inappropriate implementation in Downloads in Google Chrome prior to 125.0.6422.60 allowed a remote attacker who convinced a user to engage in specific UI gestures to perform UI spoofing via a crafted HTML page. (Chromium security severity: Low)\n\ud83d\udccf Published: 2024-05-15T20:42:34.902Z\n\ud83d\udccf Modified: 2025-03-28T19:59:23.443Z\n\ud83d\udd17 References:\n1. https://chromereleases.googleblog.com/2024/05/stable-channel-update-for-desktop_15.html\n2. https://issues.chromium.org/issues/40065403\n3. https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/NTSN22LNYXMWHVTYNOYQVOY7VDZFHENQ/\n4. https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WSUWM73ZCXTN62AT2REYQDD5ZKPFMDZD/\n5. https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/6G7EYH2JAK5OJPVNC6AXYQ5K7YGYNCDN/", "creation_timestamp": "2025-03-28T20:28:53.000000Z"}, {"uuid": "272661a2-6d09-44e3-8ae6-e5af06f1c621", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49509", "type": "seen", "source": "https://t.me/cvedetector/10737", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49509 - Adobe InDesign Heap-based Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49509 \nPublished : Nov. 12, 2024, 9:15 p.m. | 45\u00a0minutes ago \nDescription : InDesign Desktop versions ID18.5.3, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T23:05:51.000000Z"}, {"uuid": "6901a3a8-0754-46ea-a72d-5b3503223d89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49508", "type": "seen", "source": "https://t.me/cvedetector/10742", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49508 - Adobe InDesign Heap Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2024-49508 \nPublished : Nov. 12, 2024, 9:15 p.m. | 45\u00a0minutes ago \nDescription : InDesign Desktop versions ID18.5.3, ID19.5 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T23:05:58.000000Z"}]}