{"vulnerability": "CVE-2024-5803", "sightings": [{"uuid": "962cb856-5310-474b-8efd-3134c62586a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-58036", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lm3g5iosxl2r", "content": "", "creation_timestamp": "2025-04-05T17:06:43.315563Z"}, {"uuid": "9ce703a9-0d3b-4210-8137-c4f79d365b2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-58034", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "09d50fdc-1ed1-4b01-9844-1ad04dd80ec4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-58036", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10607", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-58036\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Net::Dropbox::API 1.9 and earlier for Perl uses the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions.\n\nSpecifically Net::Dropbox::API uses the Data::Random library which specifically states that it is \"Useful mostly for test programs\". Data::Random uses the rand() function.\n\ud83d\udccf Published: 2025-04-05T16:06:53.758Z\n\ud83d\udccf Modified: 2025-04-05T16:06:53.758Z\n\ud83d\udd17 References:\n1. https://perldoc.perl.org/functions/rand\n2. https://security.metacpan.org/docs/guides/random-data-for-security.html\n3. https://metacpan.org/release/BAREFOOT/Data-Random-0.13/source/lib/Data/Random.pm#L537\n4. https://metacpan.org/release/NORBU/Net-Dropbox-API-1.9/source/lib/Net/Dropbox/API.pm#L385\n5. https://metacpan.org/release/NORBU/Net-Dropbox-API-1.9/source/lib/Net/Dropbox/API.pm#L11", "creation_timestamp": "2025-04-05T16:39:07.000000Z"}, {"uuid": "0bf53d1e-fdd4-437a-a33d-d144de59b2fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-58036", "type": "seen", "source": "https://t.me/cvedetector/22193", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-58036 - Dropbox::API Cryptographically Insecure Random Number Generation\", \n  \"Content\": \"CVE ID : CVE-2024-58036 \nPublished : April 5, 2025, 4:15 p.m. | 36\u00a0minutes ago \nDescription : Net::Dropbox::API 1.9 and earlier for Perl uses the rand() function as the default source of entropy, which is not cryptographically secure, for cryptographic functions.  \n  \nSpecifically Net::Dropbox::API uses the Data::Random library which specifically states that it is \"Useful mostly for test programs\". Data::Random uses the rand() function. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-05T19:05:41.000000Z"}, {"uuid": "bdfd95bc-686b-49f7-b05b-fdfa058f8d68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5803", "type": "seen", "source": "https://t.me/cvedetector/6897", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-5803 - Avast Antivirus AVGUI.exe COM Hijack Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-5803 \nPublished : Oct. 3, 2024, 3:15 p.m. | 38\u00a0minutes ago \nDescription : The AVGUI.exe of AVG/Avast Antivirus before versions before 24.1 can allow a local attacker to escalate privileges via an COM hijack in a time-of-check to time-of-use (TOCTOU) when self protection is disabled. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-03T18:17:17.000000Z"}]}