{"vulnerability": "cve-2024-5467", "sightings": [{"uuid": "f623b8ab-4a4d-4006-9e20-05fd2e391935", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54675", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113596616535087156", "content": "", "creation_timestamp": "2024-12-04T21:13:30.297805Z"}, {"uuid": "389585fa-3ddd-4e2e-9bf5-5336a87f7e59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54679", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113600625283050849", "content": "", "creation_timestamp": "2024-12-05T14:12:59.097134Z"}, {"uuid": "600c45e8-0e8b-45a1-8407-fdede42b91c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54674", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113596557535273299", "content": "", "creation_timestamp": "2024-12-04T20:58:30.508210Z"}, {"uuid": "f0154acf-e830-4234-84ee-86f93201a929", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54677", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113668199653283050", "content": "", "creation_timestamp": "2024-12-17T12:38:02.203797Z"}, {"uuid": "1cee8a13-63b4-4940-b8b8-3ff63d959c11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54676", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lfcb7nuplx27", "content": "", "creation_timestamp": "2025-01-09T08:30:44.431366Z"}, {"uuid": "8e1a59f7-4fbb-499a-9c00-c1b786627af1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54676", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf7yqilqjl2b", "content": "", "creation_timestamp": "2025-01-08T10:53:48.743000Z"}, {"uuid": "106bde25-3d4f-4e2a-bffe-f67733af1f4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54676", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lfbqhn5rm22e", "content": "", "creation_timestamp": "2025-01-09T03:30:59.709520Z"}, {"uuid": "dddbf455-a6e0-4643-9b9b-0eea541bef09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54676", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113793283551001884", "content": "", "creation_timestamp": "2025-01-08T14:48:31.230396Z"}, {"uuid": "aa3a013d-6d19-4d4f-ba49-701f2f0a91fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-54676", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3lfc3eicsts2j", "content": "", "creation_timestamp": "2025-01-09T06:46:03.495130Z"}, {"uuid": "0ffd4053-03f6-489b-852c-43d2aaf3dfea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54676", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lf7klrih772u", "content": "", "creation_timestamp": "2025-01-08T06:40:34.598944Z"}, {"uuid": "1adb5860-98e7-4636-bcd8-0d831e7a43c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54676", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113791840182143844", "content": "", "creation_timestamp": "2025-01-08T08:41:28.361800Z"}, {"uuid": "9a832524-3fa5-4e97-ab6f-e726e74e5d6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54676", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf7tbdmbtk2i", "content": "", "creation_timestamp": "2025-01-08T09:15:48.069542Z"}, {"uuid": "e0739f83-4dbc-4c3e-9373-ee8a1155143c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54678", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lw7l5sbkey2z", "content": "", "creation_timestamp": "2025-08-12T14:58:57.204437Z"}, {"uuid": "e07ec5a4-a1f7-4e6f-ae11-ffb88ce6541e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54676", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/678", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-54676\n\ud83d\udd39 Description: Vendor: The Apache Software Foundation\n\nVersions Affected: Apache OpenMeetings from 2.1.0 before 8.0.0\n\nDescription: Default clustering instructions at  https://openmeetings.apache.org/Clustering.html \u00a0doesn't specify white/black lists for OpenJPA this leads to possible deserialisation of untrusted data.\nUsers are recommended to upgrade to version 8.0.0 and update their startup scripts to include the relevant 'openjpa.serialization.class.blacklist' and 'openjpa.serialization.class.whitelist' configurations as shown in the documentation.\n\ud83d\udccf Published: 2025-01-08T08:40:03.705Z\n\ud83d\udccf Modified: 2025-01-08T09:02:51.250Z\n\ud83d\udd17 References:\n1. https://lists.apache.org/thread/o0k05jxrt5tp4nm45lj14yfjxmg67m95", "creation_timestamp": "2025-01-08T09:12:18.000000Z"}, {"uuid": "06187851-fd12-46f7-83b2-6a7b4d599d03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54678", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-03", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "e2b7b5dc-39a9-417c-9c63-6586303eb5dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54679", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9323", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-54679 - CyberPanel (aka Cyber Panel) Denial of Service\nURL\uff1ahttps://github.com/hotplugin0x01/CVE-2024-54679\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-06T06:10:41.000000Z"}, {"uuid": "4377e1cc-0777-4590-a5d7-ed0295dd5c44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54676", "type": "seen", "source": "https://t.me/CyberBulletin/2015", "content": "\u26a1\ufe0fApache OpenMeetings Users Urged to Patch Critical Flaw \u2013 CVE-2024-54676 (CVSS 9.8).\n\n#CyberBulletin", "creation_timestamp": "2025-01-09T05:36:33.000000Z"}, {"uuid": "7eac05c7-3756-4bc7-a909-0eee7c829f4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54677", "type": "seen", "source": "https://t.me/cvedetector/13090", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54677 - Apache Tomcat Uncontrolled Resource Consumption Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2024-54677 \nPublished : Dec. 17, 2024, 1:15 p.m. | 37\u00a0minutes ago \nDescription : Uncontrolled Resource Consumption vulnerability in the examples web application provided with Apache Tomcat leads to denial of service.  \n  \nThis issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from 10.1.0-M1 through 10.1.33, from 9.0.0.M1 through 9.9.97.  \n  \nUsers are recommended to upgrade to version 11.0.2, 10.1.34 or 9.0.98, which fixes the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-17T15:06:14.000000Z"}, {"uuid": "6ccca292-2c4d-41d8-b05c-c0d172a3dbf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54676", "type": "seen", "source": "https://t.me/cvedetector/14674", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54676 - Apache OpenMeetings Object Deserialization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-54676 \nPublished : Jan. 8, 2025, 9:15 a.m. | 30\u00a0minutes ago \nDescription : Vendor: The Apache Software Foundation  \n  \nVersions Affected: Apache OpenMeetings from 2.1.0 before 8.0.0  \n  \nDescription: Default clustering instructions at   \u00a0doesn't specify white/black lists for OpenJPA this leads to possible deserialisation of untrusted data.  \nUsers are recommended to upgrade to version 8.0.0 and update their startup scripts to include the relevant 'openjpa.serialization.class.blacklist' and 'openjpa.serialization.class.whitelist' configurations as shown in the documentation. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-08T10:47:49.000000Z"}, {"uuid": "025b1459-b816-4401-b5a1-d830c73022d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54674", "type": "seen", "source": "https://t.me/cvedetector/12031", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54674 - app/View/GalaxyClusters/cluster_export_misp_galaxy\", \n  \"Content\": \"CVE ID : CVE-2024-54674 \nPublished : Dec. 4, 2024, 9:15 p.m. | 43\u00a0minutes ago \nDescription : app/View/GalaxyClusters/cluster_export_misp_galaxy.ctp in MISP through 2.5.2 has stored XSS when exporting custom clusters into the misp-galaxy format. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-04T23:27:31.000000Z"}, {"uuid": "e28c099f-93d5-4235-8a11-fd3522521470", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54679", "type": "seen", "source": "https://t.me/cvedetector/12098", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54679 - CyberPanel (aka Cyber Panel) before 6778ad1 does n\", \n  \"Content\": \"CVE ID : CVE-2024-54679 \nPublished : Dec. 5, 2024, 2:15 p.m. | 38\u00a0minutes ago \nDescription : CyberPanel (aka Cyber Panel) before 6778ad1 does not require the FilemanagerAdmin capability for restartMySQL actions. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-05T16:11:43.000000Z"}, {"uuid": "543d1a6d-f94e-4ea7-9aa2-54f69dcb1f30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54675", "type": "seen", "source": "https://t.me/cvedetector/12030", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54675 - app/webroot/js/workflows-editor/workflows-editor.j\", \n  \"Content\": \"CVE ID : CVE-2024-54675 \nPublished : Dec. 4, 2024, 9:15 p.m. | 43\u00a0minutes ago \nDescription : app/webroot/js/workflows-editor/workflows-editor.js in MISP through 2.5.2 has stored XSS in the editor interface for an ad-hoc workflow. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-04T23:27:30.000000Z"}, {"uuid": "a1ed6eba-cd3e-418e-b938-e04f33eeda8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5467", "type": "seen", "source": "https://t.me/cvedetector/3986", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-5467 - Zohocorp ManageEngine ADAudit Plus SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-5467 \nPublished : Aug. 23, 2024, 2:15 p.m. | 42\u00a0minutes ago \nDescription : Zohocorp\u00a0ManageEngine\u00a0ADAudit Plus versions below\u00a08121 are vulnerable to the authenticated SQL injection in account lockout report. \nSeverity: 8.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-23T17:07:51.000000Z"}, {"uuid": "ea522fa8-311e-41e3-b0f7-cef135751e73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54679", "type": "published-proof-of-concept", "source": "https://t.me/Kelvinseccommunity/2227", "content": "#exploit\n1. CVE-2024-54679:\nCyber Panel DoS\nhttps://github.com/hotplugin0x01/CVE-2024-54679\n\n2. CVE-2024-39090:\nCSRF to Stored XSS in PHP Gurukul Online Shopping Portal v2.0\nhttps://github.com/ghostwirez/CVE-2024-39090-PoC\n\n3. CVE-2023-23586:\nLinux vDSO and VVAR\nhttps://u1f383.github.io/linux/2024/12/11/linux-vdso-and-vvar.html", "creation_timestamp": "2024-12-20T18:02:36.000000Z"}, {"uuid": "e36d3f3a-d583-4650-bef7-36332c2f7492", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54677", "type": "seen", "source": "https://t.me/CyberBulletin/26846", "content": "\u26a1\ufe0fRCE and DoS Vulnerabilities Addressed in Apache Tomcat: CVE-2024-50379 and CVE-2024-54677.\n\n#CyberBulletin", "creation_timestamp": "2024-12-18T12:14:46.000000Z"}, {"uuid": "be4774ad-8de0-4509-a459-df1c67c594ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54679", "type": "published-proof-of-concept", "source": "https://t.me/suboxone_chatroom/1559", "content": "#exploit\n1. CVE-2024-54679:\nCyber Panel DoS\nhttps://github.com/hotplugin0x01/CVE-2024-54679\n\n2. CVE-2024-39090:\nCSRF to Stored XSS in PHP Gurukul Online Shopping Portal v2.0\nhttps://github.com/ghostwirez/CVE-2024-39090-PoC\n\n3. CVE-2023-23586:\nLinux vDSO and VVAR\nhttps://u1f383.github.io/linux/2024/12/11/linux-vdso-and-vvar.html", "creation_timestamp": "2025-01-27T07:06:51.000000Z"}, {"uuid": "450745eb-538d-4b17-a9a3-febcb1493f23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54679", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11581", "content": "#exploit\n1. CVE-2024-54679:\nCyber Panel DoS\nhttps://github.com/hotplugin0x01/CVE-2024-54679\n\n2. CVE-2024-39090:\nCSRF to Stored XSS in PHP Gurukul Online Shopping Portal v2.0\nhttps://github.com/ghostwirez/CVE-2024-39090-PoC\n\n3. CVE-2023-23586:\nLinux vDSO and VVAR\nhttps://u1f383.github.io/linux/2024/12/11/linux-vdso-and-vvar.html", "creation_timestamp": "2024-12-22T23:23:48.000000Z"}]}