{"vulnerability": "cve-2024-4667", "sightings": [{"uuid": "2a3381d4-5981-43e2-afff-3859883b7ccf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46670", "type": "seen", "source": "https://cyberplace.social/users/GossiTheDog/statuses/113827347482732049", "content": "", "creation_timestamp": "2025-01-14T15:11:37.876851Z"}, {"uuid": "5b03a98f-462c-4305-ba1d-f16b4bd5cb95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46670", "type": "seen", "source": "https://bsky.app/profile/GossiTheDog.cyberplace.social.ap.brid.gy/post/3lfpjxhgkq5q2", "content": "", "creation_timestamp": "2025-01-14T15:11:57.869155Z"}, {"uuid": "cf3130d4-9912-45bf-b061-fa55771c094e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46670", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113827532336420853", "content": "", "creation_timestamp": "2025-01-14T15:58:25.892780Z"}, {"uuid": "4ec1ae36-cab8-4e89-a3c6-ed95f2612cf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46670", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpgwige4o2d", "content": "", "creation_timestamp": "2025-01-14T14:17:34.960404Z"}, {"uuid": "3c29971f-b902-4d18-9e83-ec42acf00121", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-46678", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "1fc58058-3d5e-49f3-9a4b-025f12171744", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46670", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-06", "content": "", "creation_timestamp": "2025-02-13T11:00:00.000000Z"}, {"uuid": "900af565-390b-45f1-8f52-8eb7b7f09a84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46671", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmcygejqeu2v", "content": "", "creation_timestamp": "2025-04-08T17:22:27.561381Z"}, {"uuid": "8f036cfc-f94e-423e-8f48-319bc734d150", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46676", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "e19257d7-34ad-4602-b345-2a2df9dc86f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46677", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "30a76d0d-76d0-4ebb-baef-f095bc8a830b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46674", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "8789b5c4-61c3-4c11-b973-177feafe1ac2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46673", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "c56d0507-69f8-4d49-acec-a79492d51a14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46675", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "3aafdf60-e1fe-4d4e-b6af-48149d6438e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46679", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "f42f269f-e6ee-4245-bdfc-74a6cd686e86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46670", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1606", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-46670\n\ud83d\udd39 Description: An\u00a0Out-of-bounds Read vulnerability [CWE-125] in FortiOS version 7.6.0, version 7.4.4 and below, version 7.2.9 and below and FortiSASE FortiOS tenant version 24.3.b IPsec IKE service may allow an unauthenticated remote attacker to trigger memory consumption leading to Denial of Service via crafted requests.\n\ud83d\udccf Published: 2025-01-14T14:08:41.759Z\n\ud83d\udccf Modified: 2025-01-14T20:56:44.074Z\n\ud83d\udd17 References:\n1. https://fortiguard.fortinet.com/psirt/FG-IR-24-266", "creation_timestamp": "2025-01-14T21:10:18.000000Z"}, {"uuid": "2d107eef-4e4d-448d-859f-866e95fe1fde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46672", "type": "seen", "source": "https://t.me/cvedetector/5371", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46672 - \"Qualcomm Wi-Fi brcmfmac NULL Pointer Dereference\"\", \n  \"Content\": \"CVE ID : CVE-2024-46672 \nPublished : Sept. 11, 2024, 4:15 p.m. | 16\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nwifi: brcmfmac: cfg80211: Handle SSID based pmksa deletion  \n  \nwpa_supplicant 2.11 sends since 1efdba5fdc2c (\"Handle PMKSA flush in the  \ndriver for SAE/OWE offload cases\") SSID based PMKSA del commands.  \nbrcmfmac is not prepared and tries to dereference the NULL bssid and  \npmkid pointers in cfg80211_pmksa. PMKID_V3 operations support SSID based  \nupdates so copy the SSID. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-11T18:41:26.000000Z"}, {"uuid": "25d0bbe2-f175-4669-af31-dad17cfd96ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46671", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10915", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-46671\n\ud83d\udd25 CVSS Score: 5.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:H/E:P/RL:U/RC:R)\n\ud83d\udd39 Description: An Incorrect User Management vulnerability [CWE-286] in FortiWeb version 7.6.2 and below, version 7.4.6 and below, version 7.2.10 and below, version 7.0.11 and below widgets dashboard may allow an authenticated attacker with at least read-only admin permission to perform operations on the dashboard of other administrators via crafted requests.\n\ud83d\udccf Published: 2025-04-08T14:02:59.350Z\n\ud83d\udccf Modified: 2025-04-08T14:30:24.831Z\n\ud83d\udd17 References:\n1. https://fortiguard.fortinet.com/psirt/FG-IR-24-184", "creation_timestamp": "2025-04-08T14:47:05.000000Z"}, {"uuid": "58bafc4e-7f22-47c1-9aaf-1df4d2a044a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46671", "type": "seen", "source": "https://t.me/cvedetector/22468", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46671 - FortiWeb User Management Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-46671 \nPublished : April 8, 2025, 2:15 p.m. | 1\u00a0hour, 12\u00a0minutes ago \nDescription : An Incorrect User Management vulnerability [CWE-286] in FortiWeb version 7.6.2 and below, version 7.4.6 and below, version 7.2.10 and below, version 7.0.11 and below widgets dashboard may allow an authenticated attacker with at least read-only admin permission to perform operations on the dashboard of other administrators via crafted requests. \nSeverity: 6.2 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T18:11:02.000000Z"}, {"uuid": "345a080d-1f6b-4752-a958-072788266a97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46670", "type": "seen", "source": "https://t.me/cvedetector/15263", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46670 - \"FortiOS FortiSASE Out-of-bounds Read Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-46670 \nPublished : Jan. 14, 2025, 2:15 p.m. | 21\u00a0minutes ago \nDescription : An\u00a0Out-of-bounds Read vulnerability [CWE-125] in FortiOS version 7.6.0, version 7.4.4 and below, version 7.2.9 and below and FortiSASE FortiOS tenant version 24.3.b IPsec IKE service may allow an unauthenticated remote attacker to trigger memory consumption leading to Denial of Service via crafted requests. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-14T15:39:48.000000Z"}, {"uuid": "cae16636-69fc-4e27-bf4d-11683656b5b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4667", "type": "seen", "source": "https://t.me/cvedetector/240", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-4667 - The Blog, Posts and Category Filter for Elementor\", \n  \"Content\": \"CVE ID : CVE-2024-4667 \nPublished : July 9, 2024, 5:15 a.m. | 19\u00a0minutes ago \nDescription : The Blog, Posts and Category Filter for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Post and Category Filter widget in all versions up to, and including, 1.0.3 due to insufficient input sanitization and output escaping on user supplied 'post_types' attribute. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-09T07:38:22.000000Z"}]}