{"vulnerability": "CVE-2024-5274", "sightings": [{"uuid": "03f12769-fc0d-42ff-a63c-942fae7b28f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "seen", "source": "MISP/682055c7-fb73-4d29-be0f-ef00f55f3970", "content": "", "creation_timestamp": "2024-09-09T15:25:40.000000Z"}, {"uuid": "3a72f9b0-c43f-4602-8178-5bb0df06c14f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "seen", "source": "MISP/7a9d9173-4384-4175-9c02-52868c04fd34", "content": "", "creation_timestamp": "2024-09-02T09:47:09.000000Z"}, {"uuid": "b2d1e28c-8a27-4acf-91bc-3848e7914f96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-05-28T15:10:02.000000Z"}, {"uuid": "3d97e4b9-38e0-4986-ab1c-0a713f4f2c00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "seen", "source": "MISP/ab0b745f-bbd5-338e-8b92-97dd0c757e9d", "content": "", "creation_timestamp": "2025-08-31T03:01:26.000000Z"}, {"uuid": "8beba5d4-b8a0-40a3-9f77-a938dc4e44e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:54.000000Z"}, {"uuid": "ec126c0b-d162-443b-ab15-5bfcede50274", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "seen", "source": "MISP/682055c7-fb73-4d29-be0f-ef00f55f3970", "content": "", "creation_timestamp": "2025-07-03T05:09:44.000000Z"}, {"uuid": "c128202d-378e-4490-a476-a8c54a4a32d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-5274", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3lzfdunone72v", "content": "", "creation_timestamp": "2025-09-22T02:20:07.348544Z"}, {"uuid": "cc44bf8f-5411-41f8-9d24-67e8296177b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "seen", "source": "https://gist.github.com/ozymahdias/8987464fab5e9908ef1e73fbb5187861", "content": "", "creation_timestamp": "2025-10-26T06:26:35.000000Z"}, {"uuid": "3a426fab-a227-4594-9b28-7c58d53b1e00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "seen", "source": "https://bsky.app/profile/concisecyber.bsky.social/post/3m5vfplzoh22r", "content": "", "creation_timestamp": "2025-11-18T09:16:38.074521Z"}, {"uuid": "531676c2-a2a4-48d7-8112-b37dd4949dd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "seen", "source": "https://gist.github.com/burakcanbalta/7e4fa670e296f994509e9ffef99b6aed", "content": "", "creation_timestamp": "2025-11-06T20:21:17.000000Z"}, {"uuid": "67a0e328-c4c1-4321-983d-5704843845a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-5274", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1303", "content": "", "creation_timestamp": "2024-05-27T04:00:00.000000Z"}, {"uuid": "83b7658b-5d83-46db-bc35-ba613a949222", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-5274", "type": "seen", "source": "https://www.govcert.gov.hk/en/alerts_detail.php?id=1302", "content": "", "creation_timestamp": "2024-05-24T04:00:00.000000Z"}, {"uuid": "3f36b086-ffa5-457c-82b2-a8e9446488c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "seen", "source": "https://gist.github.com/jrabenah/cac8452f2a62a8d34fcd45179775a11f", "content": "", "creation_timestamp": "2026-04-08T03:54:07.000000Z"}, {"uuid": "1ce14b40-0135-48cc-b6d8-333bbebb22d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-5274", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/25fff3cd-1069-4937-9f78-a1b22b2fcf3c", "content": "", "creation_timestamp": "2026-02-02T12:26:36.278155Z"}, {"uuid": "7af9910a-b2bc-4035-9b71-7a1615c00f3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7928", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aGuardian Code: A Script to Uncover CVE-2024-5274 Vulnerabilities\nURL\uff1ahttps://github.com/Alchemist3dot14/CVE-2024-5274-Detection\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-10T02:53:15.000000Z"}, {"uuid": "f414691c-243f-4acd-8c42-bf8d931d85b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "exploited", "source": "Telegram/BST1U7XEuh3wTNoyELqe6IW7N6J4nG-W8jlrPq-K78T3fO4", "content": "", "creation_timestamp": "2024-05-24T13:21:29.000000Z"}, {"uuid": "fb9bfd14-0c6c-4d50-8c22-3eb3936c0d47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7926", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aGuardian Code: A Script to Uncover CVE-2024-5274 Vulnerabilities\nURL\uff1ahttps://github.com/Alchemist3dot14/-CVE-2024-5274-Detection\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-10T02:19:28.000000Z"}, {"uuid": "96f46d88-add9-44ff-aac7-4ecdeab171ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "exploited", "source": "https://t.me/freeosint/2030", "content": "Google: \u0420\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0435 \u0445\u0430\u043a\u0435\u0440\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f iOS \u0438 Android \u043e\u0442 NSO. \n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u0438\u0437 Google Threat Analysis Group (TAG) \u0440\u0430\u0441\u0441\u043a\u0430\u0437\u0430\u043b\u0438 \u043e\u0431 \u0430\u043a\u0442\u0438\u0432\u043d\u043e\u0441\u0442\u0438 \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u043e\u0439 \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0438 APT29: \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438, \u044f\u043a\u043e\u0431\u044b \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0435 \u0441 \u0420\u043e\u0441\u0441\u0438\u0435\u0439, \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0438 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 NSO Group \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 iOS \u0438 Android.\n\u0410\u0442\u0430\u043a\u0438, \u043f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u044d\u043a\u0441\u043f\u0435\u0440\u0442\u043e\u0432, \u043f\u0440\u043e\u0445\u043e\u0434\u0438\u043b\u0438 \u0441 \u043d\u043e\u044f\u0431\u0440\u044f 2023 \u0433\u043e\u0434\u0430 \u043f\u043e \u0438\u044e\u043b\u044c 2023-\u0433\u043e. \u041a \u0442\u043e\u043c\u0443 \u043c\u043e\u043c\u0435\u043d\u0442\u0443 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0443\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043f\u0430\u0442\u0447\u0438, \u043d\u043e \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u043f\u043e \u0442\u0440\u0430\u0434\u0438\u0446\u0438\u0438 \u043d\u0435 \u0443\u0441\u043f\u0435\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c\u0441\u044f.\nAPT29, \u0442\u0430\u043a\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u0430\u044f \u043f\u043e\u0434 \u0438\u043c\u0435\u043d\u0435\u043c Midnight Blizzard, \u0432 \u043f\u043e\u0448\u043b\u043e\u043c \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0430\u0441\u044c \u0430\u0442\u0430\u043a\u043e\u0439 \u043d\u0430 Microsoft, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u0442\u0440\u043e\u043d\u0443\u043b\u0430 \u0444\u0435\u0434\u0435\u0440\u0430\u043b\u044c\u043d\u044b\u0435 \u043e\u0440\u0433\u0430\u043d\u044b \u0421\u0428\u0410. \u0422\u0435\u043f\u0435\u0440\u044c \u0433\u0440\u0443\u043f\u043f\u0438\u0440\u043e\u0432\u043a\u0430 \u0432\u0437\u044f\u043b\u0430\u0441\u044c \u0437\u0430 \u0432\u043b\u0430\u0441\u0442\u0438 \u041c\u043e\u043d\u0433\u043e\u043b\u0438\u0438.\n\u041a\u0430\u043a \u043e\u0442\u043c\u0435\u0442\u0438\u043b\u0438 \u0432 Google Threat Analysis Group, \u043a\u0438\u0431\u0435\u0440\u043f\u0440\u0435\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u0438 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0438\u0441\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u043f\u043e\u0434 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u043c CVE-2023-41993, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0443\u044e WebKit \u0438 \u043f\u0440\u0438\u0432\u043e\u0434\u044f\u0449\u0443\u044e \u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u043e\u0433\u043e \u043a\u043e\u0434\u0430 \u043f\u0440\u0438 \u043e\u0442\u0440\u0430\u0431\u043e\u0442\u043a\u0435 \u0441\u043f\u0435\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0441\u0444\u043e\u0440\u043c\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0432\u0435\u0431-\u043a\u043e\u043d\u0442\u0435\u043d\u0442\u0430.\n\u041a\u0430\u043a \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e, Apple \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043f\u0430\u0442\u0447 \u0434\u043b\u044f \u044d\u0442\u043e\u0439 \u0434\u044b\u0440\u044b \u0432 \u043a\u043e\u043d\u0446\u0435 \u0441\u0435\u043d\u0442\u044f\u0431\u0440\u044f 2022 \u0433\u043e\u0434\u0430. \u0412\u043c\u0435\u0441\u0442\u0435 \u0441 \u043d\u0435\u0439 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0446\u0438\u044f \u0437\u0430\u043a\u0440\u044b\u043b\u0430 CVE-2023-41991 \u0438 CVE-2023-41992.\n\u0412\u043e\u043e\u0440\u0443\u0436\u0438\u0432\u0448\u0438\u0441\u044c \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0438\u043c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u043e\u043c, APT29 \u0441\u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0438\u0440\u043e\u0432\u0430\u043b\u0430 \u0441\u0430\u0439\u0442\u044b mfa.gov[.]mn \u0438 cabinet.gov[.]mn \u0438 \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0430 \u0432 \u043a\u043e\u0434 \u0438\u0445 \u0441\u0442\u0440\u0430\u043d\u0438\u0446 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 iframe. \u0421\u0445\u0435\u043c\u0430 \u0432\u0435\u043a\u0442\u043e\u0440\u0430 \u0432\u044b\u0433\u043b\u044f\u0434\u0435\u043b\u0430 \u0442\u0430\u043a:\n\u00a0\n\u0422\u0430\u043a\u043e\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u043b\u0438 \u043f\u043e\u0445\u0438\u0449\u0430\u0442\u044c cookies \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0435\u0432 iPhone, \u0440\u0430\u0431\u043e\u0442\u0430\u044e\u0449\u0438\u0445 \u043f\u043e\u0434 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435\u043c iOS 16.6.1 \u0438 \u0431\u043e\u043b\u0435\u0435 \u0441\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u0439 \u041e\u0421.\n\u0423\u0436\u0435 \u0432 \u0438\u044e\u043b\u0435 2024-\u0433\u043e \u0433\u0440\u0443\u043f\u043f\u0430 \u0441\u0442\u0430\u043b\u0430 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u044b \u0434\u043b\u044f CVE-2024-5274 \u0438 CVE-2024-4671, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0438\u0435 Google Chrome, \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 Android, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0441\u0435\u0449\u0430\u043b\u0438 \u0441\u0430\u0439\u0442 mga.gov[.]mn.", "creation_timestamp": "2024-10-21T16:49:20.000000Z"}, {"uuid": "b130e1bd-1ccb-4447-a282-314eadcb048d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "published-proof-of-concept", "source": "https://t.me/orderofsixangles/2431", "content": "CVE-2024-5274: A Minor Flaw in V8 Parser Leading to Catastrophes\n\nhttps://www.darknavy.org/blog/cve_2024_5274_a_minor_flaw_in_v8_parser_leading_to_catastrophes/", "creation_timestamp": "2024-09-06T10:11:38.000000Z"}, {"uuid": "9e10a4c9-d18e-41cd-876d-287554292817", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "exploited", "source": "https://t.me/HackingInsights/12333", "content": "\u200aCVE-2024-5274: Chrome Zero-Day Exploited by APT29, PoC Exploit Published\n\nhttps://securityonline.info/cve-2024-5274-chrome-zero-day-exploited-by-apt29-poc-exploit-published/", "creation_timestamp": "2024-09-08T17:47:03.000000Z"}, {"uuid": "e327e3ab-462f-43ec-a719-c53b55012894", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "exploited", "source": "Telegram/--KhdLHb4ZRPaz84dS-nlDBCfvj_oGA9jKlfJpUgTzE3Zg", "content": "", "creation_timestamp": "2024-05-24T15:51:26.000000Z"}, {"uuid": "1467382d-2c5b-4b72-ba84-289d76ca29e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/8512", "content": "The Hacker News\nGoogle Detects 4th Chrome Zero-Day in May Actively Under Attack - Update ASAP\n\nGoogle on Thursday rolled out fixes to address a high-severity security flaw in its Chrome browser that it said has been exploited in the wild.\nAssigned the CVE identifier&nbsp;CVE-2024-5274, the vulnerability relates&nbsp;to a type confusion bug in the V8 JavaScript&nbsp;and WebAssembly engine. It&nbsp;was reported&nbsp;by Cl\u00e9ment Lecigne of Google's Threat Analysis Group and Brendon Tiszka of", "creation_timestamp": "2024-05-24T15:51:22.000000Z"}, {"uuid": "be464fd2-52a7-4336-8a91-eb64952865ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "exploited", "source": "https://t.me/HackingInsights/900", "content": "\u200aCVE-2024-5274: Google Patches Zero-Day Vulnerability Actively Exploited in the Wild\n\nhttps://securityonline.info/cve-2024-5274-google-patches-zero-day-vulnerability-actively-exploited-in-the-wild/", "creation_timestamp": "2024-05-25T15:54:29.000000Z"}, {"uuid": "bfc99d57-e24c-4b6a-b653-fa5f7f3b58dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/830", "content": "Tools - Hackers Factory \n\nThe tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.\n\nhttps://github.com/keywa7/keywa7\n\nA tool that allows you to search for vulnerable android devices across the world and exploit them.\n\nhttps://github.com/0x1CA3/AdbNet\n\nAndroid malware source code dataset collected from public resources.\n\nhttps://github.com/d-Raco/android-malware-source-code-samples\n\nNext-Level Reversing: Binary Ninja+TTD\n\nhttps://seeinglogic.com/posts/binary-ninja-ttd-intro/\n\n#Exploit\n\n1. CVE-2024-36974:\nLinux Kernel taprio_parse_mqprio_opt injection\n\nhttps://ssd-disclosure.com/ssd-advisory-linux-kernel-taprio-oob\n\n2. CVE-2024-5274:\nType Confusion in V8 in Google Chrome\n\nhttps://github.com/mistymntncop/CVE-2024-5274\n\n#Threat_Research\n\n1. Analyse MSI files for vulnerabilities\n\nhttps://github.com/CICADA8-Research/MyMSIAnalyzer\n\n2. Analysis of two arbitrary code execution vulnerabilities affecting WPS Office (CVE-2024-7262/CVE-2024-7263)\n\nhttps://welivesecurity.com/en/eset-research/analysis-of-two-arbitrary-code-execution-vulnerabilities-affecting-wps-office\n\nDiscover Ashok, an OSINT reconnaissance tool with features like Wayback Machine crawling, unlimited Google Dorking, GitHub info grabber, subdomain finder and CMS/tech detection!\n\nhttps://github.com/powerexploit/Ashok\n\nBest list of top xss Polyglots to Bypass WAF's\n\nhttps://github.com/coffinsp/lostools/blob/coffin/xsspollygots.txt\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-08T06:28:37.000000Z"}, {"uuid": "c4cc4f69-e6f7-41dc-aed9-8693170eba40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "exploited", "source": "Telegram/mEtv-WDTGjjebUkPfkob_kYlvdXZEjZDSVngUqvYuKb1pQ", "content": "", "creation_timestamp": "2024-05-24T15:12:43.000000Z"}, {"uuid": "279ace5a-2f9b-435b-942b-de7e058867e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8721", "content": "Tools - Hackers Factory \n\nThe tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.\n\nhttps://github.com/keywa7/keywa7\n\nA tool that allows you to search for vulnerable android devices across the world and exploit them.\n\nhttps://github.com/0x1CA3/AdbNet\n\nAndroid malware source code dataset collected from public resources.\n\nhttps://github.com/d-Raco/android-malware-source-code-samples\n\nNext-Level Reversing: Binary Ninja+TTD\n\nhttps://seeinglogic.com/posts/binary-ninja-ttd-intro/\n\n#Exploit\n\n1. CVE-2024-36974:\nLinux Kernel taprio_parse_mqprio_opt injection\n\nhttps://ssd-disclosure.com/ssd-advisory-linux-kernel-taprio-oob\n\n2. CVE-2024-5274:\nType Confusion in V8 in Google Chrome\n\nhttps://github.com/mistymntncop/CVE-2024-5274\n\n#Threat_Research\n\n1. Analyse MSI files for vulnerabilities\n\nhttps://github.com/CICADA8-Research/MyMSIAnalyzer\n\n2. Analysis of two arbitrary code execution vulnerabilities affecting WPS Office (CVE-2024-7262/CVE-2024-7263)\n\nhttps://welivesecurity.com/en/eset-research/analysis-of-two-arbitrary-code-execution-vulnerabilities-affecting-wps-office\n\nDiscover Ashok, an OSINT reconnaissance tool with features like Wayback Machine crawling, unlimited Google Dorking, GitHub info grabber, subdomain finder and CMS/tech detection!\n\nhttps://github.com/powerexploit/Ashok\n\nBest list of top xss Polyglots to Bypass WAF's\n\nhttps://github.com/coffinsp/lostools/blob/coffin/xsspollygots.txt\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-08T06:28:55.000000Z"}, {"uuid": "dea3ac27-b491-4424-a1dd-62ab9330aa26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "exploited", "source": "https://t.me/tengkorakcybercrewz/1592", "content": "The Hacker News\nGoogle Detects 4th Chrome Zero-Day in May Actively Under Attack - Update ASAP\n\nGoogle on Thursday rolled out fixes to address a high-severity security flaw in its Chrome browser that it said has been exploited in the wild.\nAssigned the CVE identifier&nbsp;CVE-2024-5274, the vulnerability relates&nbsp;to a type confusion bug in the V8 JavaScript&nbsp;and WebAssembly engine. It&nbsp;was reported&nbsp;by Cl\u00e9ment Lecigne of Google's Threat Analysis Group and Brendon Tiszka of", "creation_timestamp": "2024-05-24T15:51:22.000000Z"}, {"uuid": "14056435-2104-4849-a664-1c2a8e3778cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "exploited", "source": "https://t.me/KomunitiSiber/1998", "content": "Google Detects 4th Chrome Zero-Day in May Actively Under Attack - Update ASAP\nhttps://thehackernews.com/2024/05/google-detects-4th-chrome-zero-day-in.html\n\nGoogle on Thursday rolled out fixes to address a high-severity security flaw in its Chrome browser that it said has been exploited in the wild.\nAssigned the CVE identifier\u00a0CVE-2024-5274, the vulnerability relates\u00a0to a type confusion bug in the V8 JavaScript\u00a0and WebAssembly engine. It\u00a0was reported\u00a0by Cl\u00e9ment Lecigne of Google's Threat Analysis Group and Brendon Tiszka of", "creation_timestamp": "2024-05-24T13:35:05.000000Z"}, {"uuid": "22104a83-d530-42c0-ba39-98b1887ef531", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/23702", "content": "Tools - Hackers Factory \n\nThe tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.\n\nhttps://github.com/keywa7/keywa7\n\nA tool that allows you to search for vulnerable android devices across the world and exploit them.\n\nhttps://github.com/0x1CA3/AdbNet\n\nAndroid malware source code dataset collected from public resources.\n\nhttps://github.com/d-Raco/android-malware-source-code-samples\n\nNext-Level Reversing: Binary Ninja+TTD\n\nhttps://seeinglogic.com/posts/binary-ninja-ttd-intro/\n\n#Exploit\n\n1. CVE-2024-36974:\nLinux Kernel taprio_parse_mqprio_opt injection\n\nhttps://ssd-disclosure.com/ssd-advisory-linux-kernel-taprio-oob\n\n2. CVE-2024-5274:\nType Confusion in V8 in Google Chrome\n\nhttps://github.com/mistymntncop/CVE-2024-5274\n\n#Threat_Research\n\n1. Analyse MSI files for vulnerabilities\n\nhttps://github.com/CICADA8-Research/MyMSIAnalyzer\n\n2. Analysis of two arbitrary code execution vulnerabilities affecting WPS Office (CVE-2024-7262/CVE-2024-7263)\n\nhttps://welivesecurity.com/en/eset-research/analysis-of-two-arbitrary-code-execution-vulnerabilities-affecting-wps-office\n\nDiscover Ashok, an OSINT reconnaissance tool with features like Wayback Machine crawling, unlimited Google Dorking, GitHub info grabber, subdomain finder and CMS/tech detection!\n\nhttps://github.com/powerexploit/Ashok\n\nBest list of top xss Polyglots to Bypass WAF's\n\nhttps://github.com/coffinsp/lostools/blob/coffin/xsspollygots.txt\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-08T06:29:06.000000Z"}, {"uuid": "1c70da55-a629-4f6b-9df2-6723ed69c337", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/6177", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u0441\u043b\u0435\u0434\u0438\u0442\u044c \u0438 \u0434\u0435\u043b\u0438\u0442\u044c\u0441\u044f \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u043c\u0438 \u0442\u0440\u0435\u043d\u0434\u0430\u043c\u0438 \u043f\u043e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c Mistymntncop \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b PoC \u0434\u043b\u044f CVE-2024-5274, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0443\u043b\u0435\u0432\u043e\u0433\u043e \u0434\u043d\u044f \u0432 Chrome, \u043a\u043e\u0442\u043e\u0440\u0443\u044e Google \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0435\u0449\u0435 \u0432 \u043c\u0430\u0435.\n\nQiAnXin \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u0430 \u043e\u0442\u0447\u0435\u0442 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u043e\u0439 \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u041b\u0430\u0431\u043e\u0440\u0430\u0442\u043e\u0440\u0438\u0435\u0439 \u041a\u0430\u0441\u043f\u0435\u0440\u0441\u043a\u043e\u0433\u043e \u0438 \u0443\u0436\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u043e\u0439 0-day \u0432 Windows DWM Core, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a\u00a0CVE-2024-30051 \u0438 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0432 \u0430\u0442\u0430\u043a\u0430\u0445 \u043e\u043f\u0435\u0440\u0430\u0442\u043e\u0440\u0430\u043c\u0438 \u0431\u043e\u0442\u043d\u0435\u0442\u0430 Qakbot.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Jamf \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u0438 \u043e\u0431\u0437\u043e\u0440 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u043c\u0435\u0442\u043e\u0434\u043e\u0432 \u043e\u0431\u0445\u043e\u0434\u0430 Gatekeeper macOS \u0434\u043b\u044f \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e.\n\nPatchstack \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 CVE-2024-44000, \u0435\u0449\u0435 \u043e\u0434\u043d\u043e\u0439 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u043f\u043b\u0430\u0433\u0438\u043d\u0435 \u043a\u044d\u0448\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u044f LiteSpeed WordPress, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0443\u0447\u0435\u0442\u043d\u044b\u0445 \u0437\u0430\u043f\u0438\u0441\u0435\u0439 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\n\u041f\u0435\u0440\u0432\u043e\u0439 \u043f\u043e\u0434\u043e\u0431\u043d\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u043e\u0439 \u0441\u0442\u0430\u043b\u0430 CVE-2024-28000, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0435\u0449\u0435 \u0434\u0432\u0435 \u043d\u0435\u0434\u0435\u043b\u0438 \u043d\u0430\u0437\u0430\u0434 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043b\u0430 \u0444\u0443\u043d\u043a\u0446\u0438\u044e \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043d\u043e\u0432\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0438\u0437\u0432\u043b\u0435\u043a\u0430\u0442\u044c \u0444\u0430\u0439\u043b\u044b cookie \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0438\u0437 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u043e\u0442\u043b\u0430\u0434\u043a\u0438 \u043f\u043b\u0430\u0433\u0438\u043d\u0430.\n\n\u041e\u043d\u0430 \u0431\u044b\u043b\u0430\u00a0\u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 22 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 2024 \u0433\u043e\u0434\u0430, \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043e \u0432\u0447\u0435\u0440\u0430 \u0441 \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u043c LiteSpeed Cache \u0432\u0435\u0440\u0441\u0438\u0438 6.5.0.1.\n\nVeeam \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f 18 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432\u044b\u0441\u043e\u043a\u043e\u0439 \u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438 \u0432 Veeam Backup &amp; Replication, Service Provider Console \u0438 One.\n\n\u041d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0439 \u0438\u0437 \u0440\u0430\u0441\u0441\u043c\u043e\u0442\u0440\u0435\u043d\u043d\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f CVE-2024-40711 - \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f (CVSS v3.1: 9,8) \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 Veeam Backup &amp; Replication, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0431\u0435\u0437 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438.\n\nApache \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f CVE-2024-45195 \u0432 \u0441\u0432\u043e\u0435\u043c \u041f\u041e \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c OFBiz (Open For Business), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u0445 Linux \u0438 Windows.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Rapid7 \u0438 \u0432\u044b\u0437\u0432\u0430\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u043f\u0440\u0438\u043d\u0443\u0434\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0442\u043a\u0440\u044b\u0432\u0430\u0435\u0442 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u043d\u044b\u0435 \u043f\u0443\u0442\u0438 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043f\u0440\u044f\u043c\u044b\u0445 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432.\n\n\u041a\u043e\u043c\u0430\u043d\u0434\u0430 Apache \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0432\u0435\u0440\u0441\u0438\u0438 18.12.16, \u0434\u043e\u0431\u0430\u0432\u0438\u0432 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0438 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438.\n\n\u0412\u0435\u0440\u043e\u044f\u0442\u043d\u043e\u0441\u0442\u044c \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432\u044b\u0441\u043e\u043a\u0430, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u044d\u0442\u043e \u0441\u0432\u044f\u0437\u0430\u043d\u043e \u0441 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 RCE \u0432 OFBiz, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.", "creation_timestamp": "2024-09-06T16:05:05.000000Z"}, {"uuid": "98ba4f37-85b1-4e6a-ad55-5843c7fd6573", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3714", "content": "Tools - Hackers Factory \n\nThe tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.\n\nhttps://github.com/keywa7/keywa7\n\nA tool that allows you to search for vulnerable android devices across the world and exploit them.\n\nhttps://github.com/0x1CA3/AdbNet\n\nAndroid malware source code dataset collected from public resources.\n\nhttps://github.com/d-Raco/android-malware-source-code-samples\n\nNext-Level Reversing: Binary Ninja+TTD\n\nhttps://seeinglogic.com/posts/binary-ninja-ttd-intro/\n\n#Exploit\n\n1. CVE-2024-36974:\nLinux Kernel taprio_parse_mqprio_opt injection\n\nhttps://ssd-disclosure.com/ssd-advisory-linux-kernel-taprio-oob\n\n2. CVE-2024-5274:\nType Confusion in V8 in Google Chrome\n\nhttps://github.com/mistymntncop/CVE-2024-5274\n\n#Threat_Research\n\n1. Analyse MSI files for vulnerabilities\n\nhttps://github.com/CICADA8-Research/MyMSIAnalyzer\n\n2. Analysis of two arbitrary code execution vulnerabilities affecting WPS Office (CVE-2024-7262/CVE-2024-7263)\n\nhttps://welivesecurity.com/en/eset-research/analysis-of-two-arbitrary-code-execution-vulnerabilities-affecting-wps-office\n\nDiscover Ashok, an OSINT reconnaissance tool with features like Wayback Machine crawling, unlimited Google Dorking, GitHub info grabber, subdomain finder and CMS/tech detection!\n\nhttps://github.com/powerexploit/Ashok\n\nBest list of top xss Polyglots to Bypass WAF's\n\nhttps://github.com/coffinsp/lostools/blob/coffin/xsspollygots.txt\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-08T06:28:46.000000Z"}, {"uuid": "8a448edb-1ce6-4f37-a8b1-fbbc5fb5b0d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "seen", "source": "Telegram/M3yLh4q-M6887BjuXIPnPffJBuigNZuNRR-n-wPunr-r0Sc", "content": "", "creation_timestamp": "2024-05-27T14:47:53.000000Z"}, {"uuid": "8c544817-1c0a-4123-87a7-5869b9d507ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7389", "content": "Tools - Hackers Factory \n\nThe tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.\n\nhttps://github.com/keywa7/keywa7\n\nA tool that allows you to search for vulnerable android devices across the world and exploit them.\n\nhttps://github.com/0x1CA3/AdbNet\n\nAndroid malware source code dataset collected from public resources.\n\nhttps://github.com/d-Raco/android-malware-source-code-samples\n\nNext-Level Reversing: Binary Ninja+TTD\n\nhttps://seeinglogic.com/posts/binary-ninja-ttd-intro/\n\n#Exploit\n\n1. CVE-2024-36974:\nLinux Kernel taprio_parse_mqprio_opt injection\n\nhttps://ssd-disclosure.com/ssd-advisory-linux-kernel-taprio-oob\n\n2. CVE-2024-5274:\nType Confusion in V8 in Google Chrome\n\nhttps://github.com/mistymntncop/CVE-2024-5274\n\n#Threat_Research\n\n1. Analyse MSI files for vulnerabilities\n\nhttps://github.com/CICADA8-Research/MyMSIAnalyzer\n\n2. Analysis of two arbitrary code execution vulnerabilities affecting WPS Office (CVE-2024-7262/CVE-2024-7263)\n\nhttps://welivesecurity.com/en/eset-research/analysis-of-two-arbitrary-code-execution-vulnerabilities-affecting-wps-office\n\nDiscover Ashok, an OSINT reconnaissance tool with features like Wayback Machine crawling, unlimited Google Dorking, GitHub info grabber, subdomain finder and CMS/tech detection!\n\nhttps://github.com/powerexploit/Ashok\n\nBest list of top xss Polyglots to Bypass WAF's\n\nhttps://github.com/coffinsp/lostools/blob/coffin/xsspollygots.txt\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-08T06:28:55.000000Z"}, {"uuid": "7af84bd0-9191-4036-900e-719062c13bbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "exploited", "source": "https://t.me/true_secator/5774", "content": "\u0422\u0430\u043a\u0438\u043c\u0438 \u0442\u0435\u043c\u043f\u0430\u043c\u0438 Google \u00ab\u043f\u044f\u0442\u0438\u043b\u0435\u0442\u043a\u0443 \u0437\u0430 \u0433\u043e\u0434\u00bb \u043e\u0441\u0438\u043b\u0438\u0442, \u0435\u0441\u043b\u0438 \u043f\u0440\u043e\u0434\u043e\u043b\u0436\u0438\u0442 \u0432 \u043d\u0435\u0434\u0435\u043b\u044e \u043f\u043e 0-day \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u0442\u044c.\n\n\u0412\u043e\u0441\u044c\u043c\u043e\u0439 \u0430\u043a\u0442\u0438\u0432\u043d\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0439 \u043d\u043e\u043b\u044c \u0437\u0430 \u0442\u0435\u043a\u0443\u0449\u0438\u0439 \u0433\u043e\u0434 \u0438\u0441\u043f\u0440\u0430\u0432\u0438\u043b\u0430 Google \u0432 \u0431\u0440\u0430\u0443\u0437\u0435\u0440\u0435 Chrome, \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u0432 \u044d\u043a\u0441\u0442\u0440\u0435\u043d\u043d\u043e\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0430 \u0440\u0435\u0441\u0435\u0440\u0447\u0435\u0440\u043e\u043c Google \u041a\u043b\u0435\u043c\u0430\u043d\u043e\u043c \u041b\u0435\u0441\u0438\u043d\u0435\u043c \u0438 \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a CVE-2024-5274. \u041e\u043d\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0443\u044e \u043f\u0443\u0442\u0430\u043d\u0438\u0446\u0443 \u0442\u0438\u043f\u043e\u0432 \u0432 V8, \u0434\u0432\u0438\u0436\u043a\u0435 JavaScript Chrome, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0441\u0431\u043e\u044f\u043c, \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044e \u0434\u0430\u043d\u043d\u044b\u0445, \u0430 \u0442\u0430\u043a\u0436\u0435 RCE.\n\nGoogle \u043d\u0435 \u043f\u043e\u0434\u0435\u043b\u0438\u043b\u0430\u0441\u044c \u0442\u0435\u0445\u043d\u0438\u0447\u0435\u0441\u043a\u0438\u043c\u0438 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u044f\u043c\u0438 \u043e\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u043e \u0437\u0430\u044f\u0432\u043b\u044f\u0435\u0442 \u043e \u0441\u0432\u043e\u0435\u0439 \u043e\u0441\u0432\u0435\u0434\u043e\u043c\u043b\u0435\u043d\u043d\u043e\u0441\u0442\u0438 \u0432 \u043d\u0430\u043b\u0438\u0447\u0438\u0438 \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0434\u043b\u044f CVE-2024-5274 \u0438 \u043f\u043e\u043f\u044b\u0442\u043a\u0430\u0445 \u0435\u0435 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0432 \u0434\u0438\u043a\u043e\u0439 \u043f\u0440\u0438\u0440\u043e\u0434\u0435.\n\n\u0418\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f Chrome \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 125.0.6422.112/.113 \u0434\u043b\u044f Windows \u0438 Mac, \u0430 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Linux \u043f\u043e\u043b\u0443\u0447\u0430\u0442 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0432\u0435\u0440\u0441\u0438\u0438 125.0.6422.112 \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0438\u0435 \u043d\u0435\u0434\u0435\u043b\u0438.", "creation_timestamp": "2024-05-24T13:02:28.000000Z"}, {"uuid": "d1699352-e4ae-408b-acba-8cd4c1313b92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "exploited", "source": "https://t.me/information_security_channel/52259", "content": "Google Patches Fourth Chrome Zero-Day in Two Weeks\nhttps://www.securityweek.com/google-patches-fourth-chrome-zero-day-in-two-weeks/\n\nExploited in the wild, Chrome vulnerability CVE-2024-5274 is a high-severity flaw described as a type confusion in the V8 JavaScript and WebAssembly engine.\nThe post Google Patches Fourth Chrome Zero-Day in Two Weeks (https://www.securityweek.com/google-patches-fourth-chrome-zero-day-in-two-weeks/) appeared first on SecurityWeek (https://www.securityweek.com/).", "creation_timestamp": "2024-05-24T12:27:55.000000Z"}, {"uuid": "c1c4fac3-b643-4c32-8496-946f3041a9b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3095", "content": "https://github.com/mistymntncop/CVE-2024-5274\n\ncve-2024-5274\n\n#github #tools", "creation_timestamp": "2024-09-01T11:57:11.000000Z"}, {"uuid": "ded51447-fee7-4e34-a33f-06b5f2e45b13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "exploited", "source": "https://t.me/thehackernews/5009", "content": "\ud83d\udd25 Urgent: Google released security updates for Chrome to fix a new ZERO-DAY (CVE-2024-5274) under active exploitation in the wild. \n \nDetails - https://thehackernews.com/2024/05/google-detects-4th-chrome-zero-day-in.html \n \nUsers of Chromium-based browsers like Microsoft Edge, Brave, Opera, and Vivaldi should watch for patches.", "creation_timestamp": "2024-05-24T12:15:54.000000Z"}, {"uuid": "dc1a8ed6-829d-4b2e-8867-0b5ba3585ae9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11066", "content": "#exploit\n1. CVE-2024-36974:\nLinux Kernel taprio_parse_mqprio_opt injection\nhttps://ssd-disclosure.com/ssd-advisory-linux-kernel-taprio-oob\n\n2. CVE-2024-5274:\nType Confusion in V8 in Google Chrome\nhttps://github.com/mistymntncop/CVE-2024-5274", "creation_timestamp": "2024-09-02T02:57:44.000000Z"}, {"uuid": "71391584-c9d4-4290-b3c5-5c6ddb675798", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2772", "content": "https://github.com/Alchemist3dot14/CVE-2024-5274-Detection\n\nGuardian Code: A Script to Uncover CVE-2024-5274 Vulnerabilities\n#github", "creation_timestamp": "2024-07-10T15:31:50.000000Z"}, {"uuid": "e0889e7e-701c-47aa-883d-4940127e4bde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "published-proof-of-concept", "source": "https://t.me/club31337/2250", "content": "#Chrome 0day #PoC\nCVE-2024-5274\n\n  (v1 = class C1 {\n    static {\n      this;\n    }\n  }) =&gt; {}", "creation_timestamp": "2024-11-11T02:28:59.000000Z"}, {"uuid": "327d6a90-1876-484e-958d-fae004828078", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "seen", "source": "https://t.me/InfoSecInsider/223", "content": "Tools - Hackers Factory \n\nThe tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.\n\nhttps://github.com/keywa7/keywa7\n\nA tool that allows you to search for vulnerable android devices across the world and exploit them.\n\nhttps://github.com/0x1CA3/AdbNet\n\nAndroid malware source code dataset collected from public resources.\n\nhttps://github.com/d-Raco/android-malware-source-code-samples\n\nNext-Level Reversing: Binary Ninja+TTD\n\nhttps://seeinglogic.com/posts/binary-ninja-ttd-intro/\n\n#Exploit\n\n1. CVE-2024-36974:\nLinux Kernel taprio_parse_mqprio_opt injection\n\nhttps://ssd-disclosure.com/ssd-advisory-linux-kernel-taprio-oob\n\n2. CVE-2024-5274:\nType Confusion in V8 in Google Chrome\n\nhttps://github.com/mistymntncop/CVE-2024-5274\n\n#Threat_Research\n\n1. Analyse MSI files for vulnerabilities\n\nhttps://github.com/CICADA8-Research/MyMSIAnalyzer\n\n2. Analysis of two arbitrary code execution vulnerabilities affecting WPS Office (CVE-2024-7262/CVE-2024-7263)\n\nhttps://welivesecurity.com/en/eset-research/analysis-of-two-arbitrary-code-execution-vulnerabilities-affecting-wps-office\n\nDiscover Ashok, an OSINT reconnaissance tool with features like Wayback Machine crawling, unlimited Google Dorking, GitHub info grabber, subdomain finder and CMS/tech detection!\n\nhttps://github.com/powerexploit/Ashok\n\nBest list of top xss Polyglots to Bypass WAF's\n\nhttps://github.com/coffinsp/lostools/blob/coffin/xsspollygots.txt\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-08T06:29:06.000000Z"}, {"uuid": "865051ff-a67d-47a9-8d91-410eee60985c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5274", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/4327", "content": "#exploit\n1. CVE-2024-36974:\nLinux Kernel taprio_parse_mqprio_opt injection\nhttps://ssd-disclosure.com/ssd-advisory-linux-kernel-taprio-oob\n\n2. CVE-2024-5274:\nType Confusion in V8 in Google Chrome\nhttps://github.com/mistymntncop/CVE-2024-5274", "creation_timestamp": "2024-09-01T09:52:41.000000Z"}]}