{"vulnerability": "cve-2024-3972", "sightings": [{"uuid": "4175b94e-49d2-476a-a040-5ed90864c02d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39725", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113713829431657900", "content": "", "creation_timestamp": "2024-12-25T14:02:21.416045Z"}, {"uuid": "0cfad7ec-fc04-46b3-986b-79099ceb3a04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39727", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113713829447547010", "content": "", "creation_timestamp": "2024-12-25T14:02:21.694893Z"}, {"uuid": "7a0e2a6d-a502-4d5b-80b7-f2780221299a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39725", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3le55ityi2k25", "content": "", "creation_timestamp": "2024-12-25T14:15:47.106137Z"}, {"uuid": "c7833586-5c46-45c2-9af1-1b7bc6952b7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39727", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3le55iwa6yf2f", "content": "", "creation_timestamp": "2024-12-25T14:15:49.065089Z"}, {"uuid": "8755b241-ea5c-4496-a29d-76b61fd8bb90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39722", "type": "seen", "source": "https://gist.github.com/vitaliysobur/f447fc26c0787121f1dd7c923623486f", "content": "", "creation_timestamp": "2026-02-21T14:07:01.000000Z"}, {"uuid": "367cd75d-8e71-43c4-bee4-f6e96ac56d01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39720", "type": "seen", "source": "MISP/9e6b1b0e-5fb2-46d6-9aaf-7c64a1324e40", "content": "", "creation_timestamp": "2025-09-24T00:43:17.000000Z"}, {"uuid": "336ace5e-235f-4553-9c94-1a49329acade", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39721", "type": "seen", "source": "MISP/9e6b1b0e-5fb2-46d6-9aaf-7c64a1324e40", "content": "", "creation_timestamp": "2025-09-24T00:43:17.000000Z"}, {"uuid": "df934ced-c7a1-459a-b4d3-e85009406174", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3972", "type": "seen", "source": "MISP/9e6b1b0e-5fb2-46d6-9aaf-7c64a1324e40", "content": "", "creation_timestamp": "2025-09-24T00:43:17.000000Z"}, {"uuid": "b430557a-03a9-47e4-81bf-ff6c5c09ce4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39726", "type": "seen", "source": "https://t.me/cvedetector/11126", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39726 - IBM Engineering Lifecycle Optimization Engineering Insights XML External Entity Injection (XXE) Attack\", \n  \"Content\": \"CVE ID : CVE-2024-39726 \nPublished : Nov. 15, 2024, 5:15 p.m. | 41\u00a0minutes ago \nDescription : IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. \nSeverity: 8.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T19:07:53.000000Z"}, {"uuid": "99189441-58f4-4e16-bb77-30e5c4f51714", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39721", "type": "seen", "source": "https://gist.github.com/vitaliysobur/f447fc26c0787121f1dd7c923623486f", "content": "", "creation_timestamp": "2026-02-21T14:07:01.000000Z"}, {"uuid": "653b4d7c-ff4b-489d-bf13-7c4cbac66bcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39720", "type": "seen", "source": "https://gist.github.com/vitaliysobur/f447fc26c0787121f1dd7c923623486f", "content": "", "creation_timestamp": "2026-02-21T14:07:01.000000Z"}, {"uuid": "4f10df42-540f-49d7-9b8a-a773c91cd3a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39725", "type": "seen", "source": "https://t.me/cvedetector/13625", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39725 - IBM Engineering Lifecycle Optimization - Engineering Insights Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-39725 \nPublished : Dec. 25, 2024, 2:15 p.m. | 40\u00a0minutes ago \nDescription : IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-25T16:19:16.000000Z"}, {"uuid": "53488ff8-e82f-4e91-8b0a-3a67caf31306", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39727", "type": "seen", "source": "https://t.me/cvedetector/13624", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39727 - IBM Engineering Lifecycle Optimization - Engineering Insights Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-39727 \nPublished : Dec. 25, 2024, 2:15 p.m. | 40\u00a0minutes ago \nDescription : IBM Engineering Lifecycle Optimization - Engineering Insights 7.0.2 and 7.0.3\u00a0uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expose sensitive information or perform unauthorized actions on the victims\u2019 web browser. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-25T16:19:15.000000Z"}, {"uuid": "bc0966de-a972-4ab7-b291-f76a795d9d73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39722", "type": "seen", "source": "https://t.me/cvedetector/9533", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39722 - Ollama Path Traversal Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-39722 \nPublished : Oct. 31, 2024, 8:15 p.m. | 37\u00a0minutes ago \nDescription : An issue was discovered in Ollama before 0.1.46. It exposes which files exist on the server on which it is deployed via path traversal in the api/push route. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-31T21:57:40.000000Z"}, {"uuid": "63dcef31-eb8e-4f27-b351-e0cd6aa77ef1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39723", "type": "seen", "source": "https://t.me/cvedetector/168", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39723 - IBM FlashSystem 5300 USB ports may be usable even\", \n  \"Content\": \"CVE ID : CVE-2024-39723 \nPublished : July 8, 2024, 1:15 a.m. | 16\u00a0minutes ago \nDescription : IBM FlashSystem 5300 USB ports may be usable even if the port has been disabled by the administrator. A user with physical access to the system could use the USB port to cause loss of access to data.  IBM X-Force ID:  295935. \nSeverity: 4.6 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-08T03:37:46.000000Z"}, {"uuid": "b1881779-e2a1-49d2-bab9-c12fb104304a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39721", "type": "seen", "source": "https://t.me/cvedetector/9538", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39721 - Ollama denial of service (DoS)\", \n  \"Content\": \"CVE ID : CVE-2024-39721 \nPublished : Oct. 31, 2024, 8:15 p.m. | 37\u00a0minutes ago \nDescription : An issue was discovered in Ollama before 0.1.34. The CreateModelHandler function uses os.Open to read a file until completion. The req.Path parameter is user-controlled and can be set to /dev/random, which is blocking, causing the goroutine to run infinitely (even after the HTTP request is aborted by the client). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-31T21:57:47.000000Z"}, {"uuid": "43d7b2fe-beec-4292-8c5c-409f73aadcf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39720", "type": "seen", "source": "https://t.me/cvedetector/9537", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39720 - Ollama HTTP Request Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2024-39720 \nPublished : Oct. 31, 2024, 8:15 p.m. | 37\u00a0minutes ago \nDescription : An issue was discovered in Ollama before 0.1.46. An attacker can use two HTTP requests to upload a malformed GGUF file containing just 4 bytes starting with the GGUF custom magic header. By leveraging a custom Modelfile that includes a FROM statement pointing to the attacker-controlled blob file, the attacker can crash the application through the CreateModel route, leading to a segmentation fault (signal SIGSEGV: segmentation violation). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-31T21:57:43.000000Z"}, {"uuid": "a7eaf332-0a77-40b0-b508-c8099c903049", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39729", "type": "seen", "source": "https://t.me/cvedetector/837", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39729 - IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8,\", \n  \"Content\": \"CVE ID : CVE-2024-39729 \nPublished : July 15, 2024, 3:15 a.m. | 34\u00a0minutes ago \nDescription : IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 could allow an authenticated user to obtain sensitive information from source code that could be used in further attacks against the system.  IBM X-Force ID:  295968. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-15T05:58:23.000000Z"}, {"uuid": "dcf3eabd-474b-44c1-be77-4c1cf50f810e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39728", "type": "seen", "source": "https://t.me/cvedetector/829", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-39728 - IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8,\", \n  \"Content\": \"CVE ID : CVE-2024-39728 \nPublished : July 15, 2024, 2:15 a.m. | 34\u00a0minutes ago \nDescription : IBM Datacap Navigator 9.1.5, 9.1.6, 9.1.7, 9.1.8, and 9.1.9 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.  IBM X-Force ID:  295967. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-15T05:08:12.000000Z"}, {"uuid": "f8e31634-57ce-4ec2-9e71-f5772213173b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39727", "type": "seen", "source": "https://t.me/ZeroDay_ru/351", "content": "\u203c\ufe0f CVE-2024-39727 \u203c\ufe0f\n\nIBM Engineering Lifecycle Optimization  Engineering Insights 7.0.2 and 7.0.3\u00a0uses a web link with untrusted references to an external site. A remote attacker could exploit this vulnerability to expose sensitive information or perform unauthorized actions on the victims web browser.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"National Vulnerability Database\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity_CVEs", "creation_timestamp": "2024-12-25T16:00:47.000000Z"}, {"uuid": "17d4cfb7-3582-478b-ad41-77812a08f9c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39722", "type": "published-proof-of-concept", "source": "Telegram/r84uk1c1f1koqzztiTdxByQ9BLtYAaDiWUWNZ6l_8-95JYw", "content": "", "creation_timestamp": "2025-05-07T17:00:13.000000Z"}, {"uuid": "8e13e3bb-148b-4d19-a624-13359b7c1bf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-39720", "type": "seen", "source": "https://bsky.app/profile/thedailytechfeed.com/post/3mllqe756ol2v", "content": "Critical out-of-bounds read vulnerability (CVE-2024-39720) discovered in Ollama AI framework. Update to version 0.1.46 to mitigate risks. #CyberSecurity #AI #Ollama #Vulnerability Link: thedailytechfeed.com/critical-vul...", "creation_timestamp": "2026-05-11T16:53:01.636703Z"}]}