{"vulnerability": "CVE-2024-5680", "sightings": [{"uuid": "7dd45dbe-6533-4318-9ff1-111b46db63cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5680", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-345-02", "content": "", "creation_timestamp": "2024-12-10T11:00:00.000000Z"}, {"uuid": "52ba846a-d370-4ecb-bff3-d2e3008199a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56801", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113743149419974697", "content": "", "creation_timestamp": "2024-12-30T18:18:44.847046Z"}, {"uuid": "0134b926-986e-43bb-b556-af701a739cf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56800", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113743201037683692", "content": "", "creation_timestamp": "2024-12-30T18:31:52.516127Z"}, {"uuid": "1da45791-f8d2-4a93-a6b9-d25fa4540aaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56802", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113748100084170494", "content": "", "creation_timestamp": "2024-12-31T15:17:46.006032Z"}, {"uuid": "3f3d04cf-44a0-4328-9f00-432fc0886f86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56802", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lemgzfyxnj2e", "content": "", "creation_timestamp": "2024-12-31T16:16:03.516562Z"}, {"uuid": "9a8c9e53-c930-4b1f-b107-c34b3fe7e5c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56803", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113749897141823585", "content": "", "creation_timestamp": "2024-12-31T22:54:46.900813Z"}, {"uuid": "5701636d-4ebd-4c10-bd78-4cd1f8a28cc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56803", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3len6iijmo625", "content": "", "creation_timestamp": "2024-12-31T23:16:04.286979Z"}, {"uuid": "d405054c-bf2d-4ee5-88a5-e448a3835549", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56803", "type": "seen", "source": "https://bsky.app/profile/dgl.cx/post/3len7kjaczk2f", "content": "", "creation_timestamp": "2024-12-31T23:35:06.696689Z"}, {"uuid": "5f2d24c5-a006-4c7c-81f4-05aa836adce4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56803", "type": "seen", "source": "https://bsky.app/profile/wiretor.bsky.social/post/3leoycv2yos2d", "content": "", "creation_timestamp": "2025-01-01T16:30:58.182914Z"}, {"uuid": "6423ed52-7981-4fc3-a295-501f45ab97f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56809", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mbpbrb3sdt2x", "content": "", "creation_timestamp": "2026-01-05T20:30:36.479568Z"}, {"uuid": "f775757d-fda5-4709-89b3-f70a4042a393", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56800", "type": "seen", "source": "https://t.me/cvedetector/13949", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56800 - Firecrawl SSRF\", \n  \"Content\": \"CVE ID : CVE-2024-56800 \nPublished : Dec. 30, 2024, 7:15 p.m. | 38\u00a0minutes ago \nDescription : Firecrawl is a web scraper that allows users to extract the content of a webpage for a large language model. Versions prior to 1.1.1 contain a server-side request forgery (SSRF) vulnerability. The scraping engine could be exploited by crafting a malicious site that redirects to a local IP address. This allowed exfiltration of local network resources through the API. The cloud service was patched on December 27th, 2024, and the maintainers have checked that no user data was exposed by this vulnerability. Scraping engines used in the open sourced version of Firecrawl were patched on December 29th, 2024, except for the playwright services which the maintainers have determined to be un-patchable. All users of open-source software (OSS) Firecrawl should upgrade to v1.1.1. As a workaround, OSS Firecrawl users should supply the playwright services with a secure proxy. A proxy can be specified through the `PROXY_SERVER` env in the environment variables. Please refer to the documentation for instructions. Ensure that the proxy server one is using is setup to block all traffic going to link-local IP addresses. \nSeverity: 7.4 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-30T20:58:58.000000Z"}, {"uuid": "60335200-d69c-44ab-9140-b2ffeec1e5ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56802", "type": "seen", "source": "https://t.me/cvedetector/14042", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56802 - Tapir Unauthenticated Write Access UNauthenticated Write Access\", \n  \"Content\": \"CVE ID : CVE-2024-56802 \nPublished : Dec. 31, 2024, 4:15 p.m. | 31\u00a0minutes ago \nDescription : Tapir is a private Terraform registry. Tapir versions 0.9.0 and 0.9.1 are facing a critical issue with scope-able Deploykeys where attackers can guess the key to get write access to the registry.  User must upgrade to 0.9.2. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-31T17:53:43.000000Z"}, {"uuid": "fc36e86f-69f1-4a99-9294-65a250905f8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56801", "type": "seen", "source": "https://t.me/cvedetector/13950", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56801 - GLPI Tasklists Blind SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-56801 \nPublished : Dec. 30, 2024, 7:15 p.m. | 38\u00a0minutes ago \nDescription : Tasklists provides plugin tasklists for GLPI. Versions prior to 2.0.4 have a blind SQL injection vulnerability. Version 2.0.4 contains a patch for the vulnerability. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-30T20:58:59.000000Z"}, {"uuid": "97ba7a67-a1dc-4efd-b101-9c282e1c181e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56803", "type": "seen", "source": "https://t.me/cvedetector/14066", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56803 - Ghostty Command Injection\", \n  \"Content\": \"CVE ID : CVE-2024-56803 \nPublished : Dec. 31, 2024, 11:15 p.m. | 19\u00a0minutes ago \nDescription : Ghostty is a cross-platform terminal emulator. Ghostty, as allowed by default in 1.0.0, allows attackers to modify the window title via a certain character escape sequence and then insert it back to the command line in the user's terminal, e.g. when the user views a file containing the malicious sequence, which could allow the attacker to execute arbitrary commands. This attack requires an attacker to send malicious escape sequences followed by convincing the user to physically press the \"enter\" key. Fixed in Ghostty v1.0.1. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-01T00:36:21.000000Z"}, {"uuid": "8b7eaaae-9902-45e2-9bf9-c4c07a8bfd94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5680", "type": "seen", "source": "https://t.me/cvedetector/650", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-5680 - CWE-129: Improper Validation of Array Index vulner\", \n  \"Content\": \"CVE ID : CVE-2024-5680 \nPublished : July 11, 2024, 9:15 a.m. | 20\u00a0minutes ago \nDescription : CWE-129: Improper Validation of Array Index vulnerability exists that could cause local denial-of-service when a malicious actor with local user access crafts a script/program using an IOCTL  \ncall in the Foxboro.sys driver. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-11T11:37:50.000000Z"}]}