{"vulnerability": "CVE-2024-5009", "sightings": [{"uuid": "997d6b53-9e88-49cb-80c7-d30531f66583", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50090", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113431437055534198", "content": "", "creation_timestamp": "2024-11-05T17:06:11.533019Z"}, {"uuid": "291b9c7a-1324-4ad9-80e7-e5b854389aae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50093", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113431496085656824", "content": "", "creation_timestamp": "2024-11-05T17:21:15.148436Z"}, {"uuid": "1589ee84-04ab-423c-a6df-321613b87e67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50091", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113431496057393313", "content": "", "creation_timestamp": "2024-11-05T17:21:15.401829Z"}, {"uuid": "f7902018-d04a-4467-8f1d-b43c0be7595e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50092", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113431496071614443", "content": "", "creation_timestamp": "2024-11-05T17:21:15.546332Z"}, {"uuid": "69a3857b-ac48-430f-86ae-61f492c587f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50094", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113431496099523719", "content": "", "creation_timestamp": "2024-11-05T17:21:15.594616Z"}, {"uuid": "5327e7be-e0f2-45fb-ad1f-46de860eaac6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50095", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113431555097742073", "content": "", "creation_timestamp": "2024-11-05T17:36:12.703437Z"}, {"uuid": "fbae91d2-5607-40ca-a281-b62dfa42716a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50096", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113431555130886058", "content": "", "creation_timestamp": "2024-11-05T17:36:13.192299Z"}, {"uuid": "dd48e826-8327-48ce-aca7-c8e5f46a4f91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50097", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113431555144366840", "content": "", "creation_timestamp": "2024-11-05T17:36:13.320395Z"}, {"uuid": "b01524b6-6485-4beb-806c-a484bf7c770b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50095", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "8e1adb8b-400a-4c9e-a358-5449709fe4e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50096", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "cf9f2e97-c76d-4980-90d5-8d743cb70b3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5009", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7923", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-5009 : WhatsUp Gold SetAdminPassword Privilege Escalation\nURL\uff1ahttps://github.com/th3gokul/CVE-2024-5009\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-09T17:17:35.000000Z"}, {"uuid": "f8d2fe41-e9bb-4f68-a81a-68ad11cd06d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50099", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "4d6e2158-3654-4b0a-a68f-1e20a6627007", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50095", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mbynkk7rzk2z", "content": "", "creation_timestamp": "2026-01-09T13:55:34.175243Z"}, {"uuid": "b1c35d9a-ae8f-4791-8665-d1cd9de6b5dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-50095", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "4016aec0-3342-4882-8ccb-4c90c738927f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-50098", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "b6295eb3-dd2b-4f1e-a65f-46404faa1f27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5009", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7913", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aExploit for CVE-2024-5009\nURL\uff1ahttps://github.com/sinsinology/CVE-2024-5009\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-08T12:21:10.000000Z"}, {"uuid": "bff7cba1-426b-4a59-9a96-1816860f77fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50091", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2167", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-50091\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\ndm vdo: don't refer to dedupe_context after releasing it\n\nClear the dedupe_context pointer in a data_vio whenever ownership of\nthe context is lost, so that vdo can't examine it accidentally.\n\ud83d\udccf Published: 2024-11-05T17:04:55.311Z\n\ud83d\udccf Modified: 2025-01-17T15:56:22.693Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/63ef073084c67878d7a92e15ad055172da3f05a3\n2. https://git.kernel.org/stable/c/0808ebf2f80b962e75741a41ced372a7116f1e26", "creation_timestamp": "2025-01-17T16:57:09.000000Z"}, {"uuid": "7f6244f9-7daf-4bb0-8024-6963fa7456cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50096", "type": "seen", "source": "https://t.me/cvedetector/9908", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50096 - \"Nouveau DMA Memory Zero-Page Disclosure\"\", \n  \"Content\": \"CVE ID : CVE-2024-50096 \nPublished : Nov. 5, 2024, 5:15 p.m. | 32\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error  \n  \nThe `nouveau_dmem_copy_one` function ensures that the copy push command is  \nsent to the device firmware but does not track whether it was executed  \nsuccessfully.  \n  \nIn the case of a copy error (e.g., firmware or hardware failure), the  \ncopy push command will be sent via the firmware channel, and  \n`nouveau_dmem_copy_one` will likely report success, leading to the  \n`migrate_to_ram` function returning a dirty HIGH_USER page to the user.  \n  \nThis can result in a security vulnerability, as a HIGH_USER page that may  \ncontain sensitive or corrupted data could be returned to the user.  \n  \nTo prevent this vulnerability, we allocate a zero page. Thus, in case of  \nan error, a non-dirty (zero) page will be returned to the user. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T18:53:59.000000Z"}, {"uuid": "21bf0118-2970-4b40-9935-a518dd385199", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5009", "type": "published-proof-of-concept", "source": "Telegram/41AOwW-HVfveJGnWTCUGJmCb5QTVwo4WGVTDiWBY6ulqpQ", "content": "", "creation_timestamp": "2024-08-01T20:58:08.000000Z"}, {"uuid": "1b82cada-ef60-4567-922c-54d79d7fb9f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50095", "type": "seen", "source": "https://t.me/cvedetector/9907", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50095 - Dell PowerEdge R740 RDMA MAD Agent Soft Lockup Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50095 \nPublished : Nov. 5, 2024, 5:15 p.m. | 32\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nRDMA/mad: Improve handling of timed out WRs of mad agent  \n  \nCurrent timeout handler of mad agent acquires/releases mad_agent_priv  \nlock for every timed out WRs. This causes heavy locking contention  \nwhen higher no. of WRs are to be handled inside timeout handler.  \n  \nThis leads to softlockup with below trace in some use cases where  \nrdma-cm path is used to establish connection between peer nodes  \n  \nTrace:  \n-----  \n BUG: soft lockup - CPU#4 stuck for 26s! [kworker/u128:3:19767]  \n CPU: 4 PID: 19767 Comm: kworker/u128:3 Kdump: loaded Tainted: G OE  \n     -------  ---  5.14.0-427.13.1.el9_4.x86_64 #1  \n Hardware name: Dell Inc. PowerEdge R740/01YM03, BIOS 2.4.8 11/26/2019  \n Workqueue: ib_mad1 timeout_sends [ib_core]  \n RIP: 0010:__do_softirq+0x78/0x2ac  \n RSP: 0018:ffffb253449e4f98 EFLAGS: 00000246  \n RAX: 00000000ffffffff RBX: 0000000000000000 RCX: 000000000000001f  \n RDX: 000000000000001d RSI: 000000003d1879ab RDI: fff363b66fd3a86b  \n RBP: ffffb253604cbcd8 R08: 0000009065635f3b R09: 0000000000000000  \n R10: 0000000000000040 R11: ffffb253449e4ff8 R12: 0000000000000000  \n R13: 0000000000000000 R14: 0000000000000000 R15: 0000000000000040  \n FS:  0000000000000000(0000) GS:ffff8caa1fc80000(0000) knlGS:0000000000000000  \n CS:  0010 DS: 0000 ES: 0000 CR0: 0000000080050033  \n CR2: 00007fd9ec9db900 CR3: 0000000891934006 CR4: 00000000007706e0  \n DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000  \n DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400  \n PKRU: 55555554  \n Call Trace:  \n    \n  ? show_trace_log_lvl+0x1c4/0x2df  \n  ? show_trace_log_lvl+0x1c4/0x2df  \n  ? __irq_exit_rcu+0xa1/0xc0  \n  ? watchdog_timer_fn+0x1b2/0x210  \n  ? __pfx_watchdog_timer_fn+0x10/0x10  \n  ? __hrtimer_run_queues+0x127/0x2c0  \n  ? hrtimer_interrupt+0xfc/0x210  \n  ? __sysvec_apic_timer_interrupt+0x5c/0x110  \n  ? sysvec_apic_timer_interrupt+0x37/0x90  \n  ? asm_sysvec_apic_timer_interrupt+0x16/0x20  \n  ? __do_softirq+0x78/0x2ac  \n  ? __do_softirq+0x60/0x2ac  \n  __irq_exit_rcu+0xa1/0xc0  \n  sysvec_call_function_single+0x72/0x90  \n    \n    \n  asm_sysvec_call_function_single+0x16/0x20  \n RIP: 0010:_raw_spin_unlock_irq+0x14/0x30  \n RSP: 0018:ffffb253604cbd88 EFLAGS: 00000247  \n RAX: 000000000001960d RBX: 0000000000000002 RCX: ffff8cad2a064800  \n RDX: 000000008020001b RSI: 0000000000000001 RDI: ffff8cad5d39f66c  \n RBP: ffff8cad5d39f600 R08: 0000000000000001 R09: 0000000000000000  \n R10: ffff8caa443e0c00 R11: ffffb253604cbcd8 R12: ffff8cacb8682538  \n R13: 0000000000000005 R14: ffffb253604cbd90 R15: ffff8cad5d39f66c  \n  cm_process_send_error+0x122/0x1d0 [ib_cm]  \n  timeout_sends+0x1dd/0x270 [ib_core]  \n  process_one_work+0x1e2/0x3b0  \n  ? __pfx_worker_thread+0x10/0x10  \n  worker_thread+0x50/0x3a0  \n  ? __pfx_worker_thread+0x10/0x10  \n  kthread+0xdd/0x100  \n  ? __pfx_kthread+0x10/0x10  \n  ret_from_fork+0x29/0x50  \n    \n  \nSimplified timeout handler by creating local list of timed out WRs  \nand invoke send handler post creating the list. The new method acquires/  \nreleases lock once to fetch the list and hence helps to reduce locking  \ncontetiong when processing higher no. of WRs \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T18:53:55.000000Z"}, {"uuid": "c74573d6-074f-4368-9ab3-ade7b79268ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50094", "type": "seen", "source": "https://t.me/cvedetector/9906", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50094 - \"Philips SFC Linux Net Driver Unconditional XDP Flush Buffer Over-Write\"\", \n  \"Content\": \"CVE ID : CVE-2024-50094 \nPublished : Nov. 5, 2024, 5:15 p.m. | 32\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nsfc: Don't invoke xdp_do_flush() from netpoll.  \n  \nYury reported a crash in the sfc driver originated from  \nnetpoll_send_udp(). The netconsole sends a message and then netpoll  \ninvokes the driver's NAPI function with a budget of zero. It is  \ndedicated to allow driver to free TX resources, that it may have used  \nwhile sending the packet.  \n  \nIn the netpoll case the driver invokes xdp_do_flush() unconditionally,  \nleading to crash because bpf_net_context was never assigned.  \n  \nInvoke xdp_do_flush() only if budget is not zero. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T18:53:54.000000Z"}, {"uuid": "72ffce6b-3eee-4606-b160-5214806ee75b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50093", "type": "seen", "source": "https://t.me/cvedetector/9905", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50093 - Intel processor_thermal Linux PCI Device Disable Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50093 \nPublished : Nov. 5, 2024, 5:15 p.m. | 32\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nthermal: intel: int340x: processor: Fix warning during module unload  \n  \nThe processor_thermal driver uses pcim_device_enable() to enable a PCI  \ndevice, which means the device will be automatically disabled on driver  \ndetach.  Thus there is no need to call pci_disable_device() again on it.  \n  \nWith recent PCI device resource management improvements, e.g. commit  \nf748a07a0b64 (\"PCI: Remove legacy pcim_release()\"), this problem is  \nexposed and triggers the warining below.  \n  \n [  224.010735] proc_thermal_pci 0000:00:04.0: disabling already-disabled device  \n [  224.010747] WARNING: CPU: 8 PID: 4442 at drivers/pci/pci.c:2250 pci_disable_device+0xe5/0x100  \n ...  \n [  224.010844] Call Trace:  \n [  224.010845]    \n [  224.010847]  ? show_regs+0x6d/0x80  \n [  224.010851]  ? __warn+0x8c/0x140  \n [  224.010854]  ? pci_disable_device+0xe5/0x100  \n [  224.010856]  ? report_bug+0x1c9/0x1e0  \n [  224.010859]  ? handle_bug+0x46/0x80  \n [  224.010862]  ? exc_invalid_op+0x1d/0x80  \n [  224.010863]  ? asm_exc_invalid_op+0x1f/0x30  \n [  224.010867]  ? pci_disable_device+0xe5/0x100  \n [  224.010869]  ? pci_disable_device+0xe5/0x100  \n [  224.010871]  ? kfree+0x21a/0x2b0  \n [  224.010873]  pcim_disable_device+0x20/0x30  \n [  224.010875]  devm_action_release+0x16/0x20  \n [  224.010878]  release_nodes+0x47/0xc0  \n [  224.010880]  devres_release_all+0x9f/0xe0  \n [  224.010883]  device_unbind_cleanup+0x12/0x80  \n [  224.010885]  device_release_driver_internal+0x1ca/0x210  \n [  224.010887]  driver_detach+0x4e/0xa0  \n [  224.010889]  bus_remove_driver+0x6f/0xf0  \n [  224.010890]  driver_unregister+0x35/0x60  \n [  224.010892]  pci_unregister_driver+0x44/0x90  \n [  224.010894]  proc_thermal_pci_driver_exit+0x14/0x5f0 [processor_thermal_device_pci]  \n ...  \n [  224.010921] ---[ end trace 0000000000000000 ]---  \n  \nRemove the excess pci_disable_device() calls.  \n  \n[ rjw: Subject and changelog edits ] \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T18:53:54.000000Z"}, {"uuid": "93fd50fb-7fd9-487e-ae1c-a032455ba084", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50097", "type": "seen", "source": "https://t.me/cvedetector/9909", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50097 - Linux Kernel fec PTP Unconditional Saveidges\", \n  \"Content\": \"CVE ID : CVE-2024-50097 \nPublished : Nov. 5, 2024, 5:15 p.m. | 32\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnet: fec: don't save PTP state if PTP is unsupported  \n  \nSome platforms (such as i.MX25 and i.MX27) do not support PTP, so on  \nthese platforms fec_ptp_init() is not called and the related members  \nin fep are not initialized. However, fec_ptp_save_state() is called  \nunconditionally, which causes the kernel to panic. Therefore, add a  \ncondition so that fec_ptp_save_state() is not called if PTP is not  \nsupported. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T18:54:00.000000Z"}, {"uuid": "b3bbdd8e-131f-4505-bccf-464e9c0c809f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50090", "type": "seen", "source": "https://t.me/cvedetector/9902", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50090 - \"Xe/OA Assertion Crash Due to Unchecked Batch Buffer Overflow\"\", \n  \"Content\": \"CVE ID : CVE-2024-50090 \nPublished : Nov. 5, 2024, 5:15 p.m. | 32\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \ndrm/xe/oa: Fix overflow in oa batch buffer  \n  \nBy default xe_bb_create_job() appends a MI_BATCH_BUFFER_END to batch  \nbuffer, this is not a problem if batch buffer is only used once but  \noa reuses the batch buffer for the same metric and at each call  \nit appends a MI_BATCH_BUFFER_END, printing the warning below and then  \noverflowing.  \n  \n[  381.072016] ------------[ cut here ]------------  \n[  381.072019] xe 0000:00:02.0: [drm] Assertion `bb->len * 4 + bb_prefetch(q->gt) <=\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T18:53:48.000000Z"}, {"uuid": "29c20331-b687-48d7-950f-0242eed4130f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50092", "type": "seen", "source": "https://t.me/cvedetector/9904", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50092 - Linux Netconsole Wrong Warning\", \n  \"Content\": \"CVE ID : CVE-2024-50092 \nPublished : Nov. 5, 2024, 5:15 p.m. | 32\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnet: netconsole: fix wrong warning  \n  \nA warning is triggered when there is insufficient space in the buffer  \nfor userdata. However, this is not an issue since userdata will be sent  \nin the next iteration.  \n  \nCurrent warning message:  \n  \n    ------------[ cut here ]------------  \n     WARNING: CPU: 13 PID: 3013042 at drivers/net/netconsole.c:1122 write_ext_msg+0x3b6/0x3d0  \n      ? write_ext_msg+0x3b6/0x3d0  \n      console_flush_all+0x1e9/0x330  \n  \nThe code incorrectly issues a warning when this_chunk is zero, which is  \na valid scenario. The warning should only be triggered when this_chunk  \nis negative. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T18:53:53.000000Z"}, {"uuid": "7a8b9946-2c24-45cb-a3fe-14fa821db17d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50091", "type": "seen", "source": "https://t.me/cvedetector/9903", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50091 - Linux Kernel dm vdo Double Free\", \n  \"Content\": \"CVE ID : CVE-2024-50091 \nPublished : Nov. 5, 2024, 5:15 p.m. | 32\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \ndm vdo: don't refer to dedupe_context after releasing it  \n  \nClear the dedupe_context pointer in a data_vio whenever ownership of  \nthe context is lost, so that vdo can't examine it accidentally. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T18:53:52.000000Z"}, {"uuid": "3b43edef-61cc-45f0-8c40-1ce60bfe79f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5009", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/1661", "content": "\ud83d\udea8PoC RELEASED\ud83d\udea8PoC for Progress WhatsUp Gold SetAdminPassword Privilege Escalation (CVE-2024-5009)\n\nhttps://x.com/DarkWebInformer/status/1810722112476434651\n\nhttps://github.com/sinsinology/CVE-2024-5009", "creation_timestamp": "2024-07-09T19:07:26.000000Z"}, {"uuid": "8ed17447-36b4-4d13-8bc6-ef5314c87334", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5009", "type": "published-proof-of-concept", "source": "Telegram/E0K4SacbBo7vvN_grN7HUJjKIuPNHN1egbc3qXVTBTE2Hg", "content": "", "creation_timestamp": "2024-07-11T07:55:58.000000Z"}, {"uuid": "c9335661-dfe1-4dce-98a0-33aebfeb4844", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5009", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8444", "content": "Tools - Hackers Factory \n\nHellPot is an endless honeypot based on Heffalump that sends unruly HTTP bots to hell.\n\nhttps://github.com/yunginnanet/HellPot\n\nWork-in-progress date-time SQLite extension that will support timezones.\n\nhttps://github.com/asg017/sqlite-jiff\n\nSubdominator is a powerful tool for passive subdomain enumeration during bug hunting and reconnaissance processes. It is designed to help researchers and cybersecurity professionals discover potential security vulnerabilities by efficiently enumerating subdomains some various free passive resources.\n\nhttps://github.com/RevoltSecurities/Subdominator\n\nCVE-2024-4879 Exploit & PoC - Nuclei Template\n\nhttps://github.com/Brut-Security/CVE-2024-4879\n\nCVE-2024-34102: Unauthenticated Magento XXE.\n\nCVEHunter tool for vulnerability detection and exploitation tool for CVE-2024-34102 with Asychronous Performance.\n\nhttps://github.com/th3gokul/CVE-2024-34102\n\nCVE-2024-5009 : WhatsUp Gold SetAdminPassword Privilege Escalation.\n\nCVEHunter tool for vulnerability detection and exploitation tool for CVE-2024-5009 with Asychronous Performance.\n\nhttps://github.com/th3gokul/CVE-2024-5009\n\nSubprober - An essential HTTP multi-purpose Probing Tool for Penetration Testers and Security Researchers with Asynchronous httpx client support.\n\nhttps://github.com/RevoltSecurities/SubProber\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-01T03:55:12.000000Z"}, {"uuid": "cc8be205-d436-4ce4-9eda-7ddad5e83eaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5009", "type": "published-proof-of-concept", "source": "Telegram/yyHU4AmcuvzMH7Mr_Iyg6WOXfkLoQk9lbnAqVqjqphJYHjY", "content": "", "creation_timestamp": "2024-08-09T09:36:15.000000Z"}, {"uuid": "07a98c36-a858-4892-b40e-6db29162d422", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5009", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/562", "content": "Tools - Hackers Factory \n\nHellPot is an endless honeypot based on Heffalump that sends unruly HTTP bots to hell.\n\nhttps://github.com/yunginnanet/HellPot\n\nWork-in-progress date-time SQLite extension that will support timezones.\n\nhttps://github.com/asg017/sqlite-jiff\n\nSubdominator is a powerful tool for passive subdomain enumeration during bug hunting and reconnaissance processes. It is designed to help researchers and cybersecurity professionals discover potential security vulnerabilities by efficiently enumerating subdomains some various free passive resources.\n\nhttps://github.com/RevoltSecurities/Subdominator\n\nCVE-2024-4879 Exploit & PoC - Nuclei Template\n\nhttps://github.com/Brut-Security/CVE-2024-4879\n\nCVE-2024-34102: Unauthenticated Magento XXE.\n\nCVEHunter tool for vulnerability detection and exploitation tool for CVE-2024-34102 with Asychronous Performance.\n\nhttps://github.com/th3gokul/CVE-2024-34102\n\nCVE-2024-5009 : WhatsUp Gold SetAdminPassword Privilege Escalation.\n\nCVEHunter tool for vulnerability detection and exploitation tool for CVE-2024-5009 with Asychronous Performance.\n\nhttps://github.com/th3gokul/CVE-2024-5009\n\nSubprober - An essential HTTP multi-purpose Probing Tool for Penetration Testers and Security Researchers with Asynchronous httpx client support.\n\nhttps://github.com/RevoltSecurities/SubProber\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-01T03:33:14.000000Z"}, {"uuid": "1918936f-c5cf-4c96-ac86-4b1400ae6d08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5009", "type": "published-proof-of-concept", "source": "Telegram/FUryBaeTd16I_Z_BI23kcNzYjlRgHXorESHpEaaZvMk8bEI", "content": "", "creation_timestamp": "2024-07-11T04:35:45.000000Z"}, {"uuid": "04deee48-390a-4692-8625-16ac60ed48ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5009", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3581", "content": "Tools - Hackers Factory \n\nHellPot is an endless honeypot based on Heffalump that sends unruly HTTP bots to hell.\n\nhttps://github.com/yunginnanet/HellPot\n\nWork-in-progress date-time SQLite extension that will support timezones.\n\nhttps://github.com/asg017/sqlite-jiff\n\nSubdominator is a powerful tool for passive subdomain enumeration during bug hunting and reconnaissance processes. It is designed to help researchers and cybersecurity professionals discover potential security vulnerabilities by efficiently enumerating subdomains some various free passive resources.\n\nhttps://github.com/RevoltSecurities/Subdominator\n\nCVE-2024-4879 Exploit & PoC - Nuclei Template\n\nhttps://github.com/Brut-Security/CVE-2024-4879\n\nCVE-2024-34102: Unauthenticated Magento XXE.\n\nCVEHunter tool for vulnerability detection and exploitation tool for CVE-2024-34102 with Asychronous Performance.\n\nhttps://github.com/th3gokul/CVE-2024-34102\n\nCVE-2024-5009 : WhatsUp Gold SetAdminPassword Privilege Escalation.\n\nCVEHunter tool for vulnerability detection and exploitation tool for CVE-2024-5009 with Asychronous Performance.\n\nhttps://github.com/th3gokul/CVE-2024-5009\n\nSubprober - An essential HTTP multi-purpose Probing Tool for Penetration Testers and Security Researchers with Asynchronous httpx client support.\n\nhttps://github.com/RevoltSecurities/SubProber\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-01T03:33:21.000000Z"}, {"uuid": "2406f0d9-d81b-4470-8fd5-aec0786cd3ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5009", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7132", "content": "Tools - Hackers Factory \n\nHellPot is an endless honeypot based on Heffalump that sends unruly HTTP bots to hell.\n\nhttps://github.com/yunginnanet/HellPot\n\nWork-in-progress date-time SQLite extension that will support timezones.\n\nhttps://github.com/asg017/sqlite-jiff\n\nSubdominator is a powerful tool for passive subdomain enumeration during bug hunting and reconnaissance processes. It is designed to help researchers and cybersecurity professionals discover potential security vulnerabilities by efficiently enumerating subdomains some various free passive resources.\n\nhttps://github.com/RevoltSecurities/Subdominator\n\nCVE-2024-4879 Exploit & PoC - Nuclei Template\n\nhttps://github.com/Brut-Security/CVE-2024-4879\n\nCVE-2024-34102: Unauthenticated Magento XXE.\n\nCVEHunter tool for vulnerability detection and exploitation tool for CVE-2024-34102 with Asychronous Performance.\n\nhttps://github.com/th3gokul/CVE-2024-34102\n\nCVE-2024-5009 : WhatsUp Gold SetAdminPassword Privilege Escalation.\n\nCVEHunter tool for vulnerability detection and exploitation tool for CVE-2024-5009 with Asychronous Performance.\n\nhttps://github.com/th3gokul/CVE-2024-5009\n\nSubprober - An essential HTTP multi-purpose Probing Tool for Penetration Testers and Security Researchers with Asynchronous httpx client support.\n\nhttps://github.com/RevoltSecurities/SubProber\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-01T03:55:12.000000Z"}, {"uuid": "a930fa74-8e8d-46ef-831d-3ad2701c5e37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5009", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2155", "content": "CVE-2024-5009 \n*\nProgress WhatsUp Gold SetAdminPassword Privilege Escalation\n*\nPOC", "creation_timestamp": "2024-07-09T10:16:06.000000Z"}]}