{"vulnerability": "cve-2024-4094", "sightings": [{"uuid": "6d94711c-74cd-49f6-9f72-8b559921e9c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-40947", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "4f5f1872-bda9-41b1-8d75-77fbc513691d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40941", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "1816e881-d6ca-4d3b-b848-e67e77726506", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40942", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "a381b8f3-0986-453d-bd90-11168a54d7b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40947", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "4ccfd98f-2743-4450-9abb-883a50482883", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40943", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "8fd14906-d281-4db0-9b27-871fe2b7b204", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40945", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "e14a7ca0-dfc6-47fa-940e-e1f9a6005416", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40945", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4898", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-40945\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\niommu: Return right value in iommu_sva_bind_device()\n\niommu_sva_bind_device() should return either a sva bond handle or an\nERR_PTR value in error cases. Existing drivers (idxd and uacce) only\ncheck the return value with IS_ERR(). This could potentially lead to\na kernel NULL pointer dereference issue if the function returns NULL\ninstead of an error pointer.\n\nIn reality, this doesn't cause any problems because iommu_sva_bind_device()\nonly returns NULL when the kernel is not configured with CONFIG_IOMMU_SVA.\nIn this case, iommu_dev_enable_feature(dev, IOMMU_DEV_FEAT_SVA) will\nreturn an error, and the device drivers won't call iommu_sva_bind_device()\nat all.\n\ud83d\udccf Published: 2024-07-12T12:25:19.164Z\n\ud83d\udccf Modified: 2025-02-21T13:45:06.636Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/700f564758882db7c039dfba9443fe762561a3f8\n2. https://git.kernel.org/stable/c/cf34f8f66982a36e5cba0d05781b21ec9606b91e\n3. https://git.kernel.org/stable/c/2973b8e7d127754de9013177c41c0b5547406998\n4. https://git.kernel.org/stable/c/6325eab6c108fed27f60ff51852e3eac0ba23f3f\n5. https://git.kernel.org/stable/c/7388ae6f26c0ba95f70cc96bf9c5d5cb06c908b6\n6. https://git.kernel.org/stable/c/61a96da9649a6b6a1a5d5bde9374b045fdb5c12e\n7. https://git.kernel.org/stable/c/89e8a2366e3bce584b6c01549d5019c5cda1205e", "creation_timestamp": "2025-02-21T14:18:36.000000Z"}, {"uuid": "cc8bc3a7-65be-4ef8-b740-6ee547d77a13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4094", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8005", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-4094\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Simple Share Buttons Adder WordPress plugin before 8.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed\n\ud83d\udccf Published: 2024-06-18T06:00:02.301Z\n\ud83d\udccf Modified: 2025-03-18T20:25:05.878Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/04b2feba-e009-4fce-8539-5dfdb4300433/", "creation_timestamp": "2025-03-18T20:48:29.000000Z"}, {"uuid": "2dd67071-7788-431a-aaad-cfb5b08383fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40945", "type": "seen", "source": "Telegram/ORzEuWXvIyoumP8DzeA1wY4TER2LyW7K1HGuVplZfB8dwvcy", "content": "", "creation_timestamp": "2025-02-21T22:10:23.000000Z"}]}