{"vulnerability": "CVE-2024-5325", "sightings": [{"uuid": "8698eaad-c88f-453b-8684-2bdf82597558", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53255", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113545160626933910", "content": "", "creation_timestamp": "2024-11-25T19:07:35.673193Z"}, {"uuid": "3e67e80c-ca5b-42e1-a077-3fd8d5fb1606", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53258", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113545237467385913", "content": "", "creation_timestamp": "2024-11-25T19:27:08.126599Z"}, {"uuid": "271dcf0e-4426-4cf3-8fa0-cb82625ac02b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53253", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113528383566189459", "content": "", "creation_timestamp": "2024-11-22T20:00:58.018639Z"}, {"uuid": "4a624aed-19c7-4bc6-b2a7-e3dcabd54ab8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53257", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113589692294110204", "content": "", "creation_timestamp": "2024-12-03T15:52:34.811382Z"}, {"uuid": "b88ccae7-1ab2-4e14-87cd-f7fe13a5f6ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53256", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113702816597150919", "content": "", "creation_timestamp": "2024-12-23T15:21:34.769180Z"}, {"uuid": "87e88861-a3bc-499c-8073-b33944b7b73f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53250", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mcz2ts6yje2n", "content": "", "creation_timestamp": "2026-01-22T11:18:34.341322Z"}, {"uuid": "62699bff-6d11-41e3-8de0-e25b38bd6bf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53252", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mcz2yblmdo2t", "content": "", "creation_timestamp": "2026-01-22T11:21:06.668031Z"}, {"uuid": "dbbb13ad-61bf-434b-a652-8f599f001b6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53251", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mcz3iktiyi23", "content": "", "creation_timestamp": "2026-01-22T11:30:11.679902Z"}, {"uuid": "830da8ef-a9d1-479e-b55b-3ef4c9a0b2f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53257", "type": "seen", "source": "https://t.me/cvedetector/11889", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-53257 - Vitess Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-53257 \nPublished : Dec. 3, 2024, 4:15 p.m. | 37\u00a0minutes ago \nDescription : Vitess is a database clustering system for horizontal scaling of MySQL. The /debug/querylogz and /debug/env pages for vtgate and vttablet do not properly escape user input. The result is that queries executed by Vitess can write HTML into the monitoring page at will. These pages are rendered using text/template instead of rendering with a proper HTML templating engine. This vulnerability is fixed in 21.0.1, 20.0.4, and 19.0.8. \nSeverity: 4.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-03T18:10:19.000000Z"}, {"uuid": "e1383640-cd8a-4913-be72-7b9106b3ddd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53256", "type": "seen", "source": "https://t.me/cvedetector/13541", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-53256 - Rizin Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-53256 \nPublished : Dec. 23, 2024, 4:15 p.m. | 43\u00a0minutes ago \nDescription : Rizin is a UNIX-like reverse engineering framework and command-line toolset. `rizin.c` still had an old snippet of code which suffered a command injection due the usage of `rz_core_cmdf` to invoke the command `m` which was removed in v0.1.x. A malicious binary defining `bclass` (part of RzBinInfo) is executed if `rclass` (part of RzBinInfo) is set to `fs`; the vulnerability can be exploited by any bin format where `bclass` and `rclass` are user defined. This vulnerability is fixed in 0.7.4. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-23T18:20:07.000000Z"}, {"uuid": "e6fb1e07-7d25-46b3-8403-3a518f3ffc7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5325", "type": "seen", "source": "https://t.me/cvedetector/722", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-5325 - The Form Vibes plugin for WordPress is vulnerable\", \n  \"Content\": \"CVE ID : CVE-2024-5325 \nPublished : July 12, 2024, 1:15 p.m. | 39\u00a0minutes ago \nDescription : The Form Vibes plugin for WordPress is vulnerable to SQL Injection via the \u2018fv_export_data\u2019 parameter in all versions up to, and including, 1.4.10 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-12T16:04:56.000000Z"}, {"uuid": "4a383e99-4d88-4613-ac7c-6ee94eb2f389", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-53259", "type": "seen", "source": "https://t.me/cvedetector/11806", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-53259 - quic-go is an implementation of the QUIC protocol\", \n  \"Content\": \"CVE ID : CVE-2024-53259 \nPublished : Dec. 2, 2024, 5:15 p.m. | 51\u00a0minutes ago \nDescription : quic-go is an implementation of the QUIC protocol in Go. An off-path attacker can inject an ICMP Packet Too Large packet. Since affected quic-go versions used IP_PMTUDISC_DO, the kernel would then return a \"message too large\" error on sendmsg, i.e. when quic-go attempts to send a packet that exceeds the MTU claimed in that ICMP packet. By setting this value to smaller than 1200 bytes (the minimum MTU for QUIC), the attacker can disrupt a QUIC connection. Crucially, this can be done after completion of the handshake, thereby circumventing any TCP fallback that might be implemented on the application layer (for example, many browsers fall back to HTTP over TCP if they're unable to establish a QUIC connection). The attacker needs to at least know the client's IP and port tuple to mount an attack. This vulnerability is fixed in 0.48.2. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-02T19:35:51.000000Z"}]}