{"vulnerability": "cve-2024-4939", "sightings": [{"uuid": "444e7a53-a197-4960-8cc8-3839d7f8d407", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49396", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-291-01", "content": "", "creation_timestamp": "2024-10-17T12:00:00.000000Z"}, {"uuid": "f3fc9ed0-626c-474d-93de-4fc7342a78e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49397", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-291-01", "content": "", "creation_timestamp": "2024-10-17T12:00:00.000000Z"}, {"uuid": "c0459080-a2d7-47ea-873b-8530811db35b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49398", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-291-01", "content": "", "creation_timestamp": "2024-10-17T12:00:00.000000Z"}, {"uuid": "cecbe933-eaa5-4bfa-8220-c57b18e5881b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49399", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-291-01", "content": "", "creation_timestamp": "2024-10-17T12:00:00.000000Z"}, {"uuid": "14059a61-b655-4172-aca8-0362d45bfeeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49393", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113467533040296508", "content": "", "creation_timestamp": "2024-11-12T02:05:52.673935Z"}, {"uuid": "efee115e-1500-4cea-9699-c7bba797c1f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49394", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113467635959866972", "content": "", "creation_timestamp": "2024-11-12T02:32:04.172144Z"}, {"uuid": "3f635894-23ad-4a18-b3cc-68b8df06c07f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49395", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113467635975055460", "content": "", "creation_timestamp": "2024-11-12T02:32:04.209033Z"}, {"uuid": "39e62478-f0aa-4d57-bedf-b7eb165aec54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49399", "type": "seen", "source": "https://t.me/cvedetector/8199", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49399 - Apache Server Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49399 \nPublished : Oct. 17, 2024, 5:15 p.m. | 35\u00a0minutes ago \nDescription : The affected product is vulnerable to an attacker being able to use commands without providing a password which may allow an attacker to leak information. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-17T19:59:26.000000Z"}, {"uuid": "79e5255f-4129-41ef-ac17-44455bd988da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49394", "type": "seen", "source": "https://t.me/cvedetector/10572", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49394 - Mutt NEOMutt Email Header Forgery\", \n  \"Content\": \"CVE ID : CVE-2024-49394 \nPublished : Nov. 12, 2024, 3:15 a.m. | 16\u00a0minutes ago \nDescription : In mutt and neomutt the In-Reply-To email header field is not protected by cryptographic signing which allows an attacker to reuse an unencrypted but signed email message to impersonate the original sender. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T04:39:20.000000Z"}, {"uuid": "fd8c8639-e5c5-41b4-a9e3-3f999cdc6faa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49395", "type": "seen", "source": "https://t.me/cvedetector/10571", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49395 - Mutt/neomutt PGP Email Header Leaky Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49395 \nPublished : Nov. 12, 2024, 3:15 a.m. | 16\u00a0minutes ago \nDescription : In mutt and neomutt, PGP encryption does not use the --hidden-recipient mode which may leak the Bcc email header field by inferring from the recipients info. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T04:39:19.000000Z"}, {"uuid": "5fc3fe8b-df0b-4dda-84d6-01f8abfdf472", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49393", "type": "seen", "source": "https://t.me/cvedetector/10569", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49393 - Neomutt/mutt Email Header Validation Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-49393 \nPublished : Nov. 12, 2024, 2:15 a.m. | 26\u00a0minutes ago \nDescription : In neomutt and mutt, the To and Cc email headers are not validated by cryptographic signing which allows an attacker that intercepts a message to change their value and include himself as a one of the recipients to compromise message confidentiality. \nSeverity: 7.4 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T03:49:11.000000Z"}, {"uuid": "dc265909-7e01-4702-97ff-c9e2de150175", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49398", "type": "seen", "source": "https://t.me/cvedetector/8196", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49398 - Apache HTTP Server Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-49398 \nPublished : Oct. 17, 2024, 5:15 p.m. | 35\u00a0minutes ago \nDescription : The affected product is vulnerable to unrestricted file uploads, which may allow an attacker to remotely execute code. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-17T19:59:24.000000Z"}, {"uuid": "07fea3c7-90e8-406d-acd2-bc4f8de38073", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49392", "type": "seen", "source": "https://t.me/cvedetector/8156", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49392 - Acronis Cyber Files Stored XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49392 \nPublished : Oct. 17, 2024, 10:15 a.m. | 41\u00a0minutes ago \nDescription : Stored cross-site scripting (XSS) vulnerability on enrollment invitation page. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. \nSeverity: 5.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-17T13:17:43.000000Z"}, {"uuid": "82327111-9720-40ad-a3dc-ac1b5daab39f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49391", "type": "seen", "source": "https://t.me/cvedetector/8155", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49391 - Acronis Cyber Files DLL Hijacking Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49391 \nPublished : Oct. 17, 2024, 10:15 a.m. | 41\u00a0minutes ago \nDescription : Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. \nSeverity: 6.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-17T13:17:42.000000Z"}, {"uuid": "e2d118b1-6e2c-4a52-8b6c-ac9f88adeef2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49390", "type": "seen", "source": "https://t.me/cvedetector/8154", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49390 - Acronis Cyber Files DLL Hijacking Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49390 \nPublished : Oct. 17, 2024, 10:15 a.m. | 41\u00a0minutes ago \nDescription : Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis Cyber Files (Windows) before build 9.0.0x24. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-17T13:17:41.000000Z"}, {"uuid": "2861b175-61e3-4d3f-8cd5-01cffc30a846", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49397", "type": "seen", "source": "https://t.me/cvedetector/8198", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49397 - Microsoft SharePoint Stored XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49397 \nPublished : Oct. 17, 2024, 5:15 p.m. | 35\u00a0minutes ago \nDescription : The affected product is vulnerable to a cross-site scripting attack which may allow an attacker to bypass authentication and takeover admin accounts. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-17T19:59:25.000000Z"}, {"uuid": "fca42370-ee3c-42bf-9cc5-36940223d2df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49396", "type": "seen", "source": "https://t.me/cvedetector/8197", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49396 - Elvaco Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-49396 \nPublished : Oct. 17, 2024, 5:15 p.m. | 35\u00a0minutes ago \nDescription : The affected product is vulnerable due to insufficiently protected credentials, which may allow an attacker to impersonate Elvaco and send false information. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-17T19:59:25.000000Z"}]}