Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 08 Jun 2026 22:44:51 +0000 8a913d10-793a-43fe-8d20-856062debec0 https://vulnerability.circl.lu/sighting/8a913d10-793a-43fe-8d20-856062debec0/export {"uuid": "8a913d10-793a-43fe-8d20-856062debec0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45200", "type": "seen", "source": "https://t.me/true_secator/6274", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u0437\u043d\u0430\u043a\u043e\u043c\u0438\u0442\u044c \u0441 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438:\n\n1. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 PrivSec \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0438 PoC \u0434\u043b\u044f CVE-2024-38200, \u043d\u043e\u0432\u043e\u0439 \u0430\u0442\u0430\u043a\u0438 NTLM Relaying, \u0432\u043b\u0438\u044f\u044e\u0449\u0435\u0439 \u043d\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f Office.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 \u043f\u043e\u0441\u043b\u0435 \u0435\u0435 \u0430\u043d\u043e\u043d\u0441\u0430 \u043d\u0430 DEFCON.\n\n2. GreyNoise \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u0445 \u0430\u0442\u0430\u043a, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u0438\u044e\u043d\u044c\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SolarWinds Serv-U, \u043e\u0442\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0443\u044e \u043a\u0430\u043a CVE-2024-28995.\n\n3. JetBrains \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 20 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0441\u0432\u043e\u0435\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 TeamCity CI/CD.\n\n4. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0427\u0430\u0440\u043b\u044c\u0437 \u0424\u043e\u043b \u0438\u0437 LEXFO \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u00a0\u0442\u0440\u0435\u0442\u044c\u044e (\u043f\u0435\u0440\u0432\u0430\u044f \u0438 \u0432\u0442\u043e\u0440\u0430\u044f) \u0447\u0430\u0441\u0442\u044c \u0430\u043d\u0430\u043b\u0438\u0437\u0430 CVE-2024-2961, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Glibc (CVE-2024-2961), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f RCE-\u0430\u0442\u0430\u043a \u043d\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0438 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u044b \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 PHP.\n\n5. \u0420\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043c\u043d\u043e\u0433\u043e\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u0440\u0435\u0436\u0438\u043c\u0430 LAN/LDN \u0432 Nintendo Mario Kart 8 Deluxe \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 3.0.3 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0441\u0442\u0435\u043a\u0430 \u0431\u0443\u0444\u0435\u0440\u0430 \u043f\u0440\u0438 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0441\u0435\u0430\u043d\u0441\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0433\u043e \u043f\u0430\u043a\u0435\u0442\u0430 \u043e\u0431\u0437\u043e\u0440\u0430-\u043e\u0442\u0432\u0435\u0442\u0430, \u0442\u0430\u043a\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0433\u043e \u043a\u0430\u043a KartLANPwn.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0436\u0435\u0440\u0442\u0432\u0435 \u043d\u0435 \u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u044f\u0442\u044c\u0441\u044f \u043a \u0438\u0433\u0440\u043e\u0432\u043e\u0439 \u0441\u0435\u0441\u0441\u0438\u0438 \u0441\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c. \u0414\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u043c\u0435\u043d\u044e \u00abWireless Play\u00bb (\u0438\u043b\u0438 \u00abLAN Play\u00bb) \u043d\u0430 \u0442\u0438\u0442\u0443\u043b\u044c\u043d\u043e\u043c \u044d\u043a\u0440\u0430\u043d\u0435 \u0438\u0433\u0440\u044b, \u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0438\u0439\u0441\u044f \u043f\u043e\u0431\u043b\u0438\u0437\u043e\u0441\u0442\u0438 (LDN) \u0438\u043b\u0438 \u0432 \u0442\u043e\u0439 \u0436\u0435 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0438, \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u043e\u0442\u0432\u0435\u0442\u043d\u044b\u0439 \u043f\u0430\u043a\u0435\u0442 \u043d\u0430 \u043a\u043e\u043d\u0441\u043e\u043b\u044c \u0436\u0435\u0440\u0442\u0432\u044b.\n\n\u0412\u0441\u0435 \u044d\u0442\u043e (CVE-2024-45200) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 DoS \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0438\u0433\u0440\u044b \u0438\u043b\u0438, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e, RCE \u043d\u0430 \u043a\u043e\u043d\u0441\u043e\u043b\u0438 \u0436\u0435\u0440\u0442\u0432\u044b.\n\n6. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Akamai \u043f\u0440\u043e\u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u043e\u0442\u0447\u0435\u0442 \u041c\u0430\u0440\u0433\u0430\u0440\u0438\u0442\u0435\u043b\u043b\u0438 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Common UNIX Printing System (CUPS) \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043d\u043e\u0432\u044b\u0439 \u0432\u0435\u043a\u0442\u043e\u0440 \u0430\u0442\u0430\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f DDoS-\u0430\u0442\u0430\u043a.\n\n\u0420\u0430\u043d\u0435\u0435 \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u0438\u0445 \u043c\u043e\u0436\u043d\u043e \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0438\u0442\u044c \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u0447\u0442\u043e, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Red Hat, \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043a\u0440\u0430\u0436\u0435 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438\u043b\u0438 \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0435\u0441\u043b\u0438 \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u044c \u043e\u0448\u0438\u0431\u043e\u043a \u043f\u043e \u0447\u0430\u0441\u0442\u0438 RCE \u0431\u044b\u043b\u0430 \u0437\u0430\u0432\u044b\u0448\u0435\u043d\u0430, \u0442\u043e \u043f\u043e\u0437\u0434\u043d\u0435\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u00a0\u0443\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043c\u043e\u0436\u043d\u043e \u0430\u0434\u0430\u043f\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u0440\u0435\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0435\u0433\u043e \u0432 \u0430\u0442\u0430\u043a\u0443 \u0441 \u043d\u0443\u043b\u0435\u0432\u044b\u043c \u0449\u0435\u043b\u0447\u043a\u043e\u043c.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, Akamai \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0438 \u043c\u0430\u0441\u043b\u0430 \u0432 \u043e\u0433\u043e\u043d\u044c, \u043e\u0442\u043c\u0435\u0442\u0438\u0432, \u0447\u0442\u043e \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u043c\u043e\u0439 \u0430\u0442\u0430\u043a\u0438 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0446\u0435\u043b\u044c \u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043f\u043e\u0434 \u0443\u0434\u0430\u0440\u043e\u043c, \u043d\u043e \u0438 \u0445\u043e\u0441\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 CUPS \u0442\u0430\u043a\u0436\u0435 \u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u0441\u044f \u0436\u0435\u0440\u0442\u0432\u043e\u0439, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0430\u0442\u0430\u043a\u0430 \u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u0435\u0442 \u0435\u0433\u043e \u0441\u0435\u0442\u0435\u0432\u0443\u044e \u043f\u0440\u043e\u043f\u0443\u0441\u043a\u043d\u0443\u044e \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u043e\u0441\u0442\u044c \u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u044b \u0426\u041f.\n\n\u0410\u043d\u0430\u043b\u0438\u0437 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Akamai \u0432\u044b\u044f\u0432\u0438\u043b \u0431\u043e\u043b\u0435\u0435 58\u00a0000 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0447\u0435\u0440\u0435\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 CUPS, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 DDoS-\u0430\u0442\u0430\u043a.\n\n\u0418 \u0435\u0441\u043b\u0438 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u044c, \u0447\u0442\u043e \u0432\u0441\u0435 58\u00a0000+ \u0445\u043e\u0441\u0442\u043e\u0432 CUPS \u0431\u0443\u0434\u0443\u0442 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0435\u043d\u044b \u0432 \u043e\u0434\u043d\u0443 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e, \u044d\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u0442\u043e\u043a\u0443 \u0432 1 \u0413\u0411 \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u043f\u0430\u043a\u0435\u0442 UDP \u0438\u0437 \u043f\u0440\u0438\u043c\u0435\u0440\u0430 \u0441 \u043c\u0438\u043d\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c. \u0421\u0446\u0435\u043d\u0430\u0440\u0438\u0439 \u0441 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u043c \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u0442\u043e\u043a\u0443 \u0432 6 \u0413\u0411.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u044d\u0442\u0438 \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 \u043d\u0435\u043b\u044c\u0437\u044f \u0441\u0447\u0438\u0442\u0430\u0442\u044c \u043e\u0448\u0435\u043b\u043e\u043c\u043b\u044f\u044e\u0449\u0438\u043c\u0438, \u043e\u043d\u0438 \u0432\u0441\u0435 \u0440\u0430\u0432\u043d\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0443\u0442 \u043a \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0446\u0435\u043b\u044c\u044e \u043e\u043a\u043e\u043b\u043e 2,6 \u043c\u043b\u043d. TCP-\u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0439 \u0438 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0432 \u043b\u044e\u0431\u043e\u043c \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0438.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0431\u0443\u0434\u0435\u0442 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043b\u0435\u0433\u043a\u043e \u0438 \u043d\u0435 \u043d\u0430\u043a\u043b\u0430\u0434\u043d\u043e \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u0442\u0430\u043a\u0443\u044e \u0430\u0442\u0430\u043a\u0443, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0434\u043b\u044f \u0442\u043e\u0433\u043e, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0432\u0441\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0445\u043e\u0441\u0442\u044b CUPS, \u043f\u043e\u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0432\u0441\u0435\u0433\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0435\u043a\u0443\u043d\u0434.", "creation_timestamp": "2024-10-02T17:30:06.000000Z"} {"uuid": "8a913d10-793a-43fe-8d20-856062debec0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45200", "type": "seen", "source": "https://t.me/true_secator/6274", "content": "\u041f\u0440\u043e\u0434\u043e\u043b\u0436\u0430\u0435\u043c \u0437\u043d\u0430\u043a\u043e\u043c\u0438\u0442\u044c \u0441 \u043d\u0430\u0438\u0431\u043e\u043b\u0435\u0435 \u0442\u0440\u0435\u043d\u0434\u043e\u0432\u044b\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438:\n\n1. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 PrivSec \u0432\u044b\u043a\u0430\u0442\u0438\u043b\u0438 \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0438 PoC \u0434\u043b\u044f CVE-2024-38200, \u043d\u043e\u0432\u043e\u0439 \u0430\u0442\u0430\u043a\u0438 NTLM Relaying, \u0432\u043b\u0438\u044f\u044e\u0449\u0435\u0439 \u043d\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f Office.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0441\u0435\u0440\u0435\u0434\u0438\u043d\u0435 \u0430\u0432\u0433\u0443\u0441\u0442\u0430 \u043f\u043e\u0441\u043b\u0435 \u0435\u0435 \u0430\u043d\u043e\u043d\u0441\u0430 \u043d\u0430 DEFCON.\n\n2. GreyNoise \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0430 \u043f\u043e\u0434\u0440\u043e\u0431\u043d\u043e\u0441\u0442\u0438 \u043d\u0435\u0434\u0430\u0432\u043d\u0438\u0445 \u0430\u0442\u0430\u043a, \u043d\u0430\u0446\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430 \u0438\u044e\u043d\u044c\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c SolarWinds Serv-U, \u043e\u0442\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0443\u044e \u043a\u0430\u043a CVE-2024-28995.\n\n3. JetBrains \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 20 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0434\u043b\u044f \u0441\u0432\u043e\u0435\u0433\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430 TeamCity CI/CD.\n\n4. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0427\u0430\u0440\u043b\u044c\u0437 \u0424\u043e\u043b \u0438\u0437 LEXFO \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b\u00a0\u0442\u0440\u0435\u0442\u044c\u044e (\u043f\u0435\u0440\u0432\u0430\u044f \u0438 \u0432\u0442\u043e\u0440\u0430\u044f) \u0447\u0430\u0441\u0442\u044c \u0430\u043d\u0430\u043b\u0438\u0437\u0430 CVE-2024-2961, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Glibc (CVE-2024-2961), \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f RCE-\u0430\u0442\u0430\u043a \u043d\u0430 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f \u0438 \u0432\u0435\u0431-\u0441\u0430\u0439\u0442\u044b \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 PHP.\n\n5. \u0420\u0435\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u044f \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043c\u043d\u043e\u0433\u043e\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u0441\u043a\u043e\u0433\u043e \u0440\u0435\u0436\u0438\u043c\u0430 LAN/LDN \u0432 Nintendo Mario Kart 8 Deluxe \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 3.0.3 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435 \u0441\u0442\u0435\u043a\u0430 \u0431\u0443\u0444\u0435\u0440\u0430 \u043f\u0440\u0438 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0441\u0435\u0430\u043d\u0441\u0430 \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043d\u0435\u043a\u043e\u0440\u0440\u0435\u043a\u0442\u043d\u043e\u0433\u043e \u043f\u0430\u043a\u0435\u0442\u0430 \u043e\u0431\u0437\u043e\u0440\u0430-\u043e\u0442\u0432\u0435\u0442\u0430, \u0442\u0430\u043a\u0436\u0435 \u0438\u0437\u0432\u0435\u0441\u0442\u043d\u043e\u0433\u043e \u043a\u0430\u043a KartLANPwn.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0436\u0435\u0440\u0442\u0432\u0435 \u043d\u0435 \u043e\u0431\u044f\u0437\u0430\u0442\u0435\u043b\u044c\u043d\u043e \u043f\u0440\u0438\u0441\u043e\u0435\u0434\u0438\u043d\u044f\u0442\u044c\u0441\u044f \u043a \u0438\u0433\u0440\u043e\u0432\u043e\u0439 \u0441\u0435\u0441\u0441\u0438\u0438 \u0441\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u043c. \u0414\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043e\u0442\u043a\u0440\u044b\u0442\u044c \u043c\u0435\u043d\u044e \u00abWireless Play\u00bb (\u0438\u043b\u0438 \u00abLAN Play\u00bb) \u043d\u0430 \u0442\u0438\u0442\u0443\u043b\u044c\u043d\u043e\u043c \u044d\u043a\u0440\u0430\u043d\u0435 \u0438\u0433\u0440\u044b, \u0430 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u043d\u0430\u0445\u043e\u0434\u044f\u0449\u0438\u0439\u0441\u044f \u043f\u043e\u0431\u043b\u0438\u0437\u043e\u0441\u0442\u0438 (LDN) \u0438\u043b\u0438 \u0432 \u0442\u043e\u0439 \u0436\u0435 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0438, \u043c\u043e\u0436\u0435\u0442 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0441\u043e\u0437\u0434\u0430\u043d\u043d\u044b\u0439 \u043e\u0442\u0432\u0435\u0442\u043d\u044b\u0439 \u043f\u0430\u043a\u0435\u0442 \u043d\u0430 \u043a\u043e\u043d\u0441\u043e\u043b\u044c \u0436\u0435\u0440\u0442\u0432\u044b.\n\n\u0412\u0441\u0435 \u044d\u0442\u043e (CVE-2024-45200) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u043e\u043b\u043d\u044b\u0439 DoS \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u0438\u0433\u0440\u044b \u0438\u043b\u0438, \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e, RCE \u043d\u0430 \u043a\u043e\u043d\u0441\u043e\u043b\u0438 \u0436\u0435\u0440\u0442\u0432\u044b.\n\n6. \u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Akamai \u043f\u0440\u043e\u0430\u043d\u0430\u043b\u0438\u0437\u0438\u0440\u043e\u0432\u0430\u043b\u0438 \u043e\u0442\u0447\u0435\u0442 \u041c\u0430\u0440\u0433\u0430\u0440\u0438\u0442\u0435\u043b\u043b\u0438 \u0432 \u043e\u0442\u043d\u043e\u0448\u0435\u043d\u0438\u0438 \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Common UNIX Printing System (CUPS) \u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0438 \u043d\u043e\u0432\u044b\u0439 \u0432\u0435\u043a\u0442\u043e\u0440 \u0430\u0442\u0430\u043a, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u043c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f DDoS-\u0430\u0442\u0430\u043a.\n\n\u0420\u0430\u043d\u0435\u0435 \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u0438\u0445 \u043c\u043e\u0436\u043d\u043e \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0438\u0442\u044c \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u0434\u043b\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430, \u0447\u0442\u043e, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Red Hat, \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043a\u0440\u0430\u0436\u0435 \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0434\u0430\u043d\u043d\u044b\u0445 \u0438\u043b\u0438 \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044e \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0438 \u0432\u0430\u0436\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u0435\u0441\u043b\u0438 \u0438\u0437\u043d\u0430\u0447\u0430\u043b\u044c\u043d\u043e \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u043b\u043e\u0441\u044c, \u0447\u0442\u043e \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u044c \u043e\u0448\u0438\u0431\u043e\u043a \u043f\u043e \u0447\u0430\u0441\u0442\u0438 RCE \u0431\u044b\u043b\u0430 \u0437\u0430\u0432\u044b\u0448\u0435\u043d\u0430, \u0442\u043e \u043f\u043e\u0437\u0434\u043d\u0435\u0435 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c\u00a0\u0443\u043a\u0430\u0437\u0430\u043b, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442 \u043c\u043e\u0436\u043d\u043e \u0430\u0434\u0430\u043f\u0442\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u0440\u0435\u0432\u0440\u0430\u0449\u0435\u043d\u0438\u044f \u0435\u0433\u043e \u0432 \u0430\u0442\u0430\u043a\u0443 \u0441 \u043d\u0443\u043b\u0435\u0432\u044b\u043c \u0449\u0435\u043b\u0447\u043a\u043e\u043c.\n\n\u0412 \u0441\u0432\u043e\u044e \u043e\u0447\u0435\u0440\u0435\u0434\u044c, Akamai \u0434\u043e\u0431\u0430\u0432\u0438\u043b\u0438 \u043c\u0430\u0441\u043b\u0430 \u0432 \u043e\u0433\u043e\u043d\u044c, \u043e\u0442\u043c\u0435\u0442\u0438\u0432, \u0447\u0442\u043e \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u0430\u0433\u0430\u0435\u043c\u043e\u0439 \u0430\u0442\u0430\u043a\u0438 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0446\u0435\u043b\u044c \u043e\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043f\u043e\u0434 \u0443\u0434\u0430\u0440\u043e\u043c, \u043d\u043e \u0438 \u0445\u043e\u0441\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u0430 CUPS \u0442\u0430\u043a\u0436\u0435 \u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u0441\u044f \u0436\u0435\u0440\u0442\u0432\u043e\u0439, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0430\u0442\u0430\u043a\u0430 \u043f\u043e\u0442\u0440\u0435\u0431\u043b\u044f\u0435\u0442 \u0435\u0433\u043e \u0441\u0435\u0442\u0435\u0432\u0443\u044e \u043f\u0440\u043e\u043f\u0443\u0441\u043a\u043d\u0443\u044e \u0441\u043f\u043e\u0441\u043e\u0431\u043d\u043e\u0441\u0442\u044c \u0438 \u0440\u0435\u0441\u0443\u0440\u0441\u044b \u0426\u041f.\n\n\u0410\u043d\u0430\u043b\u0438\u0437 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Akamai \u0432\u044b\u044f\u0432\u0438\u043b \u0431\u043e\u043b\u0435\u0435 58\u00a0000 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u044b\u0445 \u0447\u0435\u0440\u0435\u0437 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442 \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 CUPS, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0445 DDoS-\u0430\u0442\u0430\u043a.\n\n\u0418 \u0435\u0441\u043b\u0438 \u043f\u0440\u0435\u0434\u043f\u043e\u043b\u043e\u0436\u0438\u0442\u044c, \u0447\u0442\u043e \u0432\u0441\u0435 58\u00a0000+ \u0445\u043e\u0441\u0442\u043e\u0432 CUPS \u0431\u0443\u0434\u0443\u0442 \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0435\u043d\u044b \u0432 \u043e\u0434\u043d\u0443 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e, \u044d\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u0442\u043e\u043a\u0443 \u0432 1 \u0413\u0411 \u0432\u0445\u043e\u0434\u044f\u0449\u0435\u0433\u043e \u0442\u0440\u0430\u0444\u0438\u043a\u0430 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u043f\u0430\u043a\u0435\u0442 UDP \u0438\u0437 \u043f\u0440\u0438\u043c\u0435\u0440\u0430 \u0441 \u043c\u0438\u043d\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u043c \u0434\u043e\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c. \u0421\u0446\u0435\u043d\u0430\u0440\u0438\u0439 \u0441 \u043c\u0430\u043a\u0441\u0438\u043c\u0430\u043b\u044c\u043d\u044b\u043c \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u0442\u043e\u043a\u0443 \u0432 6 \u0413\u0411.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u044d\u0442\u0438 \u043f\u043e\u043a\u0430\u0437\u0430\u0442\u0435\u043b\u0438 \u043d\u0435\u043b\u044c\u0437\u044f \u0441\u0447\u0438\u0442\u0430\u0442\u044c \u043e\u0448\u0435\u043b\u043e\u043c\u043b\u044f\u044e\u0449\u0438\u043c\u0438, \u043e\u043d\u0438 \u0432\u0441\u0435 \u0440\u0430\u0432\u043d\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0443\u0442 \u043a \u043d\u0435\u043e\u0431\u0445\u043e\u0434\u0438\u043c\u043e\u0441\u0442\u0438 \u043e\u0431\u0440\u0430\u0431\u043e\u0442\u043a\u0438 \u0446\u0435\u043b\u044c\u044e \u043e\u043a\u043e\u043b\u043e 2,6 \u043c\u043b\u043d. TCP-\u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0439 \u0438 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 \u0432 \u043b\u044e\u0431\u043e\u043c \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0438.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u0431\u0443\u0434\u0435\u0442 \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043b\u0435\u0433\u043a\u043e \u0438 \u043d\u0435 \u043d\u0430\u043a\u043b\u0430\u0434\u043d\u043e \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0438\u0442\u044c \u0442\u0430\u043a\u0443\u044e \u0430\u0442\u0430\u043a\u0443, \u043f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 \u0434\u043b\u044f \u0442\u043e\u0433\u043e, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u0432\u0441\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0445\u043e\u0441\u0442\u044b CUPS, \u043f\u043e\u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0432\u0441\u0435\u0433\u043e \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0441\u0435\u043a\u0443\u043d\u0434.", "creation_timestamp": "2024-10-02T17:30:06.000000Z"} https://vulnerability.circl.lu/sighting/8a913d10-793a-43fe-8d20-856062debec0/export Wed, 02 Oct 2024 17:30:06 +0000 235f57fb-05fb-48e6-8c9d-4412c7d56718 https://vulnerability.circl.lu/sighting/235f57fb-05fb-48e6-8c9d-4412c7d56718/export {"uuid": "235f57fb-05fb-48e6-8c9d-4412c7d56718", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45200", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11240", "content": "#exploit\n1. CVE-2024-45409:\nRuby-SAML/GitLab Authentication Bypass\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass\n\n2. CVE-2024-45200:\nMario Kart 8 Deluxe's \"KartLANPwn\" BoF\nhttps://github.com/latte-soft/kartlanpwn\n\n3. Apache HTTP Server Vulnerability Testing Tool\nhttps://github.com/mrmtwoj/apache-vulnerability-testing\n// CVE-2024-38472, CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2023-38709", "creation_timestamp": "2024-10-06T14:45:15.000000Z"} {"uuid": "235f57fb-05fb-48e6-8c9d-4412c7d56718", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45200", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11240", "content": "#exploit\n1. CVE-2024-45409:\nRuby-SAML/GitLab Authentication Bypass\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass\n\n2. CVE-2024-45200:\nMario Kart 8 Deluxe's \"KartLANPwn\" BoF\nhttps://github.com/latte-soft/kartlanpwn\n\n3. Apache HTTP Server Vulnerability Testing Tool\nhttps://github.com/mrmtwoj/apache-vulnerability-testing\n// CVE-2024-38472, CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2023-38709", "creation_timestamp": "2024-10-06T14:45:15.000000Z"} https://vulnerability.circl.lu/sighting/235f57fb-05fb-48e6-8c9d-4412c7d56718/export Sun, 06 Oct 2024 14:45:15 +0000 b8fbd582-1696-4351-8bbd-8cb643dac1df https://vulnerability.circl.lu/sighting/b8fbd582-1696-4351-8bbd-8cb643dac1df/export {"uuid": "b8fbd582-1696-4351-8bbd-8cb643dac1df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45200", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3288", "content": "https://github.com/latte-soft/kartlanpwn\n\nInformation & PoC for CVE-2024-45200, Mario Kart 8 Deluxe's \"KartLANPwn\" buffer overflow vulnerability\n#github #poc", "creation_timestamp": "2024-10-06T17:38:11.000000Z"} {"uuid": "b8fbd582-1696-4351-8bbd-8cb643dac1df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45200", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3288", "content": "https://github.com/latte-soft/kartlanpwn\n\nInformation & PoC for CVE-2024-45200, Mario Kart 8 Deluxe's \"KartLANPwn\" buffer overflow vulnerability\n#github #poc", "creation_timestamp": "2024-10-06T17:38:11.000000Z"} https://vulnerability.circl.lu/sighting/b8fbd582-1696-4351-8bbd-8cb643dac1df/export Sun, 06 Oct 2024 17:38:11 +0000 94c7d813-8163-48eb-881a-d78965f4c11d https://vulnerability.circl.lu/sighting/94c7d813-8163-48eb-881a-d78965f4c11d/export {"uuid": "94c7d813-8163-48eb-881a-d78965f4c11d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45200", "type": "seen", "source": "https://t.me/ton618cyber/5262", "content": "#exploit\n1. CVE-2024-45409:\nRuby-SAML/GitLab Authentication Bypass\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass\n\n2. CVE-2024-45200:\nMario Kart 8 Deluxe's \"KartLANPwn\" BoF\nhttps://github.com/latte-soft/kartlanpwn\n\n3. Apache HTTP Server Vulnerability Testing Tool\nhttps://github.com/mrmtwoj/apache-vulnerability-testing\n// CVE-2024-38472, CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2023-38709", "creation_timestamp": "2024-10-08T16:16:09.000000Z"} {"uuid": "94c7d813-8163-48eb-881a-d78965f4c11d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45200", "type": "seen", "source": "https://t.me/ton618cyber/5262", "content": "#exploit\n1. CVE-2024-45409:\nRuby-SAML/GitLab Authentication Bypass\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass\n\n2. CVE-2024-45200:\nMario Kart 8 Deluxe's \"KartLANPwn\" BoF\nhttps://github.com/latte-soft/kartlanpwn\n\n3. Apache HTTP Server Vulnerability Testing Tool\nhttps://github.com/mrmtwoj/apache-vulnerability-testing\n// CVE-2024-38472, CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2023-38709", "creation_timestamp": "2024-10-08T16:16:09.000000Z"} https://vulnerability.circl.lu/sighting/94c7d813-8163-48eb-881a-d78965f4c11d/export Tue, 08 Oct 2024 16:16:09 +0000 0fd765c1-2747-4e39-a27f-ab4912a66094 https://vulnerability.circl.lu/sighting/0fd765c1-2747-4e39-a27f-ab4912a66094/export {"uuid": "0fd765c1-2747-4e39-a27f-ab4912a66094", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45200", "type": "seen", "source": "https://t.me/CyberDilara/1055", "content": "Tools - Hackers Factory \n\n#WebApp_Security\n#Offensive_security\n\nBounty Security Tools\n\n]-> GBounty Scanner:\n\nhttps://github.com/BountySecurity/gbounty\n\n]-> GBounty Multi-Step Profiles:\n\nhttps://github.com/BountySecurity/gbounty-profiles\n\n]-> GBounty Profiles Designer:\n\nhttps://github.com/BountySecurity/GBountyProfilesDesigner\n\nTest your prompts, agents, and RAGs. Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command line and CI/CD integration. \n\nhttps://github.com/promptfoo/promptfoo\n\nRepository for application-layer loop DoS \n\nhttps://github.com/cispa/loop-DoS\n\n#exploit\n\n1. CVE-2024-45409: Ruby-SAML/GitLab Authentication Bypass\n\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass\n\n2. CVE-2024-45200: Mario Kart 8 Deluxe's \"KartLANPwn\" BoF\n\nhttps://github.com/latte-soft/kartlanpwn\n\n3. Apache HTTP Server Vulnerability Testing Tool\n\nhttps://github.com/mrmtwoj/apache-vulnerability-testing\n\nCVE-2024-38472, CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2023-38709\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-11T06:11:00.000000Z"} {"uuid": "0fd765c1-2747-4e39-a27f-ab4912a66094", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45200", "type": "seen", "source": "https://t.me/CyberDilara/1055", "content": "Tools - Hackers Factory \n\n#WebApp_Security\n#Offensive_security\n\nBounty Security Tools\n\n]-> GBounty Scanner:\n\nhttps://github.com/BountySecurity/gbounty\n\n]-> GBounty Multi-Step Profiles:\n\nhttps://github.com/BountySecurity/gbounty-profiles\n\n]-> GBounty Profiles Designer:\n\nhttps://github.com/BountySecurity/GBountyProfilesDesigner\n\nTest your prompts, agents, and RAGs. Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command line and CI/CD integration. \n\nhttps://github.com/promptfoo/promptfoo\n\nRepository for application-layer loop DoS \n\nhttps://github.com/cispa/loop-DoS\n\n#exploit\n\n1. CVE-2024-45409: Ruby-SAML/GitLab Authentication Bypass\n\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass\n\n2. CVE-2024-45200: Mario Kart 8 Deluxe's \"KartLANPwn\" BoF\n\nhttps://github.com/latte-soft/kartlanpwn\n\n3. Apache HTTP Server Vulnerability Testing Tool\n\nhttps://github.com/mrmtwoj/apache-vulnerability-testing\n\nCVE-2024-38472, CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2023-38709\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-11T06:11:00.000000Z"} https://vulnerability.circl.lu/sighting/0fd765c1-2747-4e39-a27f-ab4912a66094/export Fri, 11 Oct 2024 06:11:00 +0000 1fb75870-4b4c-477a-b7a1-a4b27754843f https://vulnerability.circl.lu/sighting/1fb75870-4b4c-477a-b7a1-a4b27754843f/export {"uuid": "1fb75870-4b4c-477a-b7a1-a4b27754843f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45200", "type": "seen", "source": "https://t.me/GrayHatsHack/8873", "content": "Tools - Hackers Factory \n\n#WebApp_Security\n#Offensive_security\n\nBounty Security Tools\n\n]-> GBounty Scanner:\n\nhttps://github.com/BountySecurity/gbounty\n\n]-> GBounty Multi-Step Profiles:\n\nhttps://github.com/BountySecurity/gbounty-profiles\n\n]-> GBounty Profiles Designer:\n\nhttps://github.com/BountySecurity/GBountyProfilesDesigner\n\nTest your prompts, agents, and RAGs. Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command line and CI/CD integration. \n\nhttps://github.com/promptfoo/promptfoo\n\nRepository for application-layer loop DoS \n\nhttps://github.com/cispa/loop-DoS\n\n#exploit\n\n1. CVE-2024-45409: Ruby-SAML/GitLab Authentication Bypass\n\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass\n\n2. CVE-2024-45200: Mario Kart 8 Deluxe's \"KartLANPwn\" BoF\n\nhttps://github.com/latte-soft/kartlanpwn\n\n3. Apache HTTP Server Vulnerability Testing Tool\n\nhttps://github.com/mrmtwoj/apache-vulnerability-testing\n\nCVE-2024-38472, CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2023-38709\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-11T06:11:05.000000Z"} {"uuid": "1fb75870-4b4c-477a-b7a1-a4b27754843f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45200", "type": "seen", "source": "https://t.me/GrayHatsHack/8873", "content": "Tools - Hackers Factory \n\n#WebApp_Security\n#Offensive_security\n\nBounty Security Tools\n\n]-> GBounty Scanner:\n\nhttps://github.com/BountySecurity/gbounty\n\n]-> GBounty Multi-Step Profiles:\n\nhttps://github.com/BountySecurity/gbounty-profiles\n\n]-> GBounty Profiles Designer:\n\nhttps://github.com/BountySecurity/GBountyProfilesDesigner\n\nTest your prompts, agents, and RAGs. Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command line and CI/CD integration. \n\nhttps://github.com/promptfoo/promptfoo\n\nRepository for application-layer loop DoS \n\nhttps://github.com/cispa/loop-DoS\n\n#exploit\n\n1. CVE-2024-45409: Ruby-SAML/GitLab Authentication Bypass\n\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass\n\n2. CVE-2024-45200: Mario Kart 8 Deluxe's \"KartLANPwn\" BoF\n\nhttps://github.com/latte-soft/kartlanpwn\n\n3. Apache HTTP Server Vulnerability Testing Tool\n\nhttps://github.com/mrmtwoj/apache-vulnerability-testing\n\nCVE-2024-38472, CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2023-38709\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-11T06:11:05.000000Z"} https://vulnerability.circl.lu/sighting/1fb75870-4b4c-477a-b7a1-a4b27754843f/export Fri, 11 Oct 2024 06:11:05 +0000 64e0c8e0-c112-4100-b50c-beb5501d90b4 https://vulnerability.circl.lu/sighting/64e0c8e0-c112-4100-b50c-beb5501d90b4/export {"uuid": "64e0c8e0-c112-4100-b50c-beb5501d90b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45200", "type": "seen", "source": "https://t.me/GrayHatsHack/7509", "content": "Tools - Hackers Factory \n\n#WebApp_Security\n#Offensive_security\n\nBounty Security Tools\n\n]-> GBounty Scanner:\n\nhttps://github.com/BountySecurity/gbounty\n\n]-> GBounty Multi-Step Profiles:\n\nhttps://github.com/BountySecurity/gbounty-profiles\n\n]-> GBounty Profiles Designer:\n\nhttps://github.com/BountySecurity/GBountyProfilesDesigner\n\nTest your prompts, agents, and RAGs. Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command line and CI/CD integration. \n\nhttps://github.com/promptfoo/promptfoo\n\nRepository for application-layer loop DoS \n\nhttps://github.com/cispa/loop-DoS\n\n#exploit\n\n1. CVE-2024-45409: Ruby-SAML/GitLab Authentication Bypass\n\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass\n\n2. CVE-2024-45200: Mario Kart 8 Deluxe's \"KartLANPwn\" BoF\n\nhttps://github.com/latte-soft/kartlanpwn\n\n3. Apache HTTP Server Vulnerability Testing Tool\n\nhttps://github.com/mrmtwoj/apache-vulnerability-testing\n\nCVE-2024-38472, CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2023-38709\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-11T06:11:05.000000Z"} {"uuid": "64e0c8e0-c112-4100-b50c-beb5501d90b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45200", "type": "seen", "source": "https://t.me/GrayHatsHack/7509", "content": "Tools - Hackers Factory \n\n#WebApp_Security\n#Offensive_security\n\nBounty Security Tools\n\n]-> GBounty Scanner:\n\nhttps://github.com/BountySecurity/gbounty\n\n]-> GBounty Multi-Step Profiles:\n\nhttps://github.com/BountySecurity/gbounty-profiles\n\n]-> GBounty Profiles Designer:\n\nhttps://github.com/BountySecurity/GBountyProfilesDesigner\n\nTest your prompts, agents, and RAGs. Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command line and CI/CD integration. \n\nhttps://github.com/promptfoo/promptfoo\n\nRepository for application-layer loop DoS \n\nhttps://github.com/cispa/loop-DoS\n\n#exploit\n\n1. CVE-2024-45409: Ruby-SAML/GitLab Authentication Bypass\n\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass\n\n2. CVE-2024-45200: Mario Kart 8 Deluxe's \"KartLANPwn\" BoF\n\nhttps://github.com/latte-soft/kartlanpwn\n\n3. Apache HTTP Server Vulnerability Testing Tool\n\nhttps://github.com/mrmtwoj/apache-vulnerability-testing\n\nCVE-2024-38472, CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2023-38709\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-11T06:11:05.000000Z"} https://vulnerability.circl.lu/sighting/64e0c8e0-c112-4100-b50c-beb5501d90b4/export Fri, 11 Oct 2024 06:11:05 +0000 5b5bbeea-70e0-4c36-a755-8fded0129dab https://vulnerability.circl.lu/sighting/5b5bbeea-70e0-4c36-a755-8fded0129dab/export {"uuid": "5b5bbeea-70e0-4c36-a755-8fded0129dab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45200", "type": "seen", "source": "https://t.me/InfoSecInsider/24061", "content": "Tools - Hackers Factory \n\n#WebApp_Security\n#Offensive_security\n\nBounty Security Tools\n\n]-> GBounty Scanner:\n\nhttps://github.com/BountySecurity/gbounty\n\n]-> GBounty Multi-Step Profiles:\n\nhttps://github.com/BountySecurity/gbounty-profiles\n\n]-> GBounty Profiles Designer:\n\nhttps://github.com/BountySecurity/GBountyProfilesDesigner\n\nTest your prompts, agents, and RAGs. Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command line and CI/CD integration. \n\nhttps://github.com/promptfoo/promptfoo\n\nRepository for application-layer loop DoS \n\nhttps://github.com/cispa/loop-DoS\n\n#exploit\n\n1. CVE-2024-45409: Ruby-SAML/GitLab Authentication Bypass\n\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass\n\n2. CVE-2024-45200: Mario Kart 8 Deluxe's \"KartLANPwn\" BoF\n\nhttps://github.com/latte-soft/kartlanpwn\n\n3. Apache HTTP Server Vulnerability Testing Tool\n\nhttps://github.com/mrmtwoj/apache-vulnerability-testing\n\nCVE-2024-38472, CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2023-38709\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-11T06:11:11.000000Z"} {"uuid": "5b5bbeea-70e0-4c36-a755-8fded0129dab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45200", "type": "seen", "source": "https://t.me/InfoSecInsider/24061", "content": "Tools - Hackers Factory \n\n#WebApp_Security\n#Offensive_security\n\nBounty Security Tools\n\n]-> GBounty Scanner:\n\nhttps://github.com/BountySecurity/gbounty\n\n]-> GBounty Multi-Step Profiles:\n\nhttps://github.com/BountySecurity/gbounty-profiles\n\n]-> GBounty Profiles Designer:\n\nhttps://github.com/BountySecurity/GBountyProfilesDesigner\n\nTest your prompts, agents, and RAGs. Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command line and CI/CD integration. \n\nhttps://github.com/promptfoo/promptfoo\n\nRepository for application-layer loop DoS \n\nhttps://github.com/cispa/loop-DoS\n\n#exploit\n\n1. CVE-2024-45409: Ruby-SAML/GitLab Authentication Bypass\n\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass\n\n2. CVE-2024-45200: Mario Kart 8 Deluxe's \"KartLANPwn\" BoF\n\nhttps://github.com/latte-soft/kartlanpwn\n\n3. Apache HTTP Server Vulnerability Testing Tool\n\nhttps://github.com/mrmtwoj/apache-vulnerability-testing\n\nCVE-2024-38472, CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2023-38709\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-11T06:11:11.000000Z"} https://vulnerability.circl.lu/sighting/5b5bbeea-70e0-4c36-a755-8fded0129dab/export Fri, 11 Oct 2024 06:11:11 +0000 b424f8f5-7e8c-41a2-9a76-f27204ec107f https://vulnerability.circl.lu/sighting/b424f8f5-7e8c-41a2-9a76-f27204ec107f/export {"uuid": "b424f8f5-7e8c-41a2-9a76-f27204ec107f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45200", "type": "seen", "source": "https://t.me/InfoSecInsider/492", "content": "Tools - Hackers Factory \n\n#WebApp_Security\n#Offensive_security\n\nBounty Security Tools\n\n]-> GBounty Scanner:\n\nhttps://github.com/BountySecurity/gbounty\n\n]-> GBounty Multi-Step Profiles:\n\nhttps://github.com/BountySecurity/gbounty-profiles\n\n]-> GBounty Profiles Designer:\n\nhttps://github.com/BountySecurity/GBountyProfilesDesigner\n\nTest your prompts, agents, and RAGs. Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command line and CI/CD integration. \n\nhttps://github.com/promptfoo/promptfoo\n\nRepository for application-layer loop DoS \n\nhttps://github.com/cispa/loop-DoS\n\n#exploit\n\n1. CVE-2024-45409: Ruby-SAML/GitLab Authentication Bypass\n\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass\n\n2. CVE-2024-45200: Mario Kart 8 Deluxe's \"KartLANPwn\" BoF\n\nhttps://github.com/latte-soft/kartlanpwn\n\n3. Apache HTTP Server Vulnerability Testing Tool\n\nhttps://github.com/mrmtwoj/apache-vulnerability-testing\n\nCVE-2024-38472, CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2023-38709\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-11T06:11:11.000000Z"} {"uuid": "b424f8f5-7e8c-41a2-9a76-f27204ec107f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45200", "type": "seen", "source": "https://t.me/InfoSecInsider/492", "content": "Tools - Hackers Factory \n\n#WebApp_Security\n#Offensive_security\n\nBounty Security Tools\n\n]-> GBounty Scanner:\n\nhttps://github.com/BountySecurity/gbounty\n\n]-> GBounty Multi-Step Profiles:\n\nhttps://github.com/BountySecurity/gbounty-profiles\n\n]-> GBounty Profiles Designer:\n\nhttps://github.com/BountySecurity/GBountyProfilesDesigner\n\nTest your prompts, agents, and RAGs. Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command line and CI/CD integration. \n\nhttps://github.com/promptfoo/promptfoo\n\nRepository for application-layer loop DoS \n\nhttps://github.com/cispa/loop-DoS\n\n#exploit\n\n1. CVE-2024-45409: Ruby-SAML/GitLab Authentication Bypass\n\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass\n\n2. CVE-2024-45200: Mario Kart 8 Deluxe's \"KartLANPwn\" BoF\n\nhttps://github.com/latte-soft/kartlanpwn\n\n3. Apache HTTP Server Vulnerability Testing Tool\n\nhttps://github.com/mrmtwoj/apache-vulnerability-testing\n\nCVE-2024-38472, CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2023-38709\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-11T06:11:11.000000Z"} https://vulnerability.circl.lu/sighting/b424f8f5-7e8c-41a2-9a76-f27204ec107f/export Fri, 11 Oct 2024 06:11:11 +0000 71217f9e-ecd8-4a3e-a44b-d0d257eb61dd https://vulnerability.circl.lu/sighting/71217f9e-ecd8-4a3e-a44b-d0d257eb61dd/export {"uuid": "71217f9e-ecd8-4a3e-a44b-d0d257eb61dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45200", "type": "seen", "source": "https://t.me/dilagrafie/3789", "content": "Tools - Hackers Factory \n\n#WebApp_Security\n#Offensive_security\n\nBounty Security Tools\n\n]-> GBounty Scanner:\n\nhttps://github.com/BountySecurity/gbounty\n\n]-> GBounty Multi-Step Profiles:\n\nhttps://github.com/BountySecurity/gbounty-profiles\n\n]-> GBounty Profiles Designer:\n\nhttps://github.com/BountySecurity/GBountyProfilesDesigner\n\nTest your prompts, agents, and RAGs. Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command line and CI/CD integration. \n\nhttps://github.com/promptfoo/promptfoo\n\nRepository for application-layer loop DoS \n\nhttps://github.com/cispa/loop-DoS\n\n#exploit\n\n1. CVE-2024-45409: Ruby-SAML/GitLab Authentication Bypass\n\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass\n\n2. CVE-2024-45200: Mario Kart 8 Deluxe's \"KartLANPwn\" BoF\n\nhttps://github.com/latte-soft/kartlanpwn\n\n3. Apache HTTP Server Vulnerability Testing Tool\n\nhttps://github.com/mrmtwoj/apache-vulnerability-testing\n\nCVE-2024-38472, CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2023-38709\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-11T06:11:18.000000Z"} {"uuid": "71217f9e-ecd8-4a3e-a44b-d0d257eb61dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45200", "type": "seen", "source": "https://t.me/dilagrafie/3789", "content": "Tools - Hackers Factory \n\n#WebApp_Security\n#Offensive_security\n\nBounty Security Tools\n\n]-> GBounty Scanner:\n\nhttps://github.com/BountySecurity/gbounty\n\n]-> GBounty Multi-Step Profiles:\n\nhttps://github.com/BountySecurity/gbounty-profiles\n\n]-> GBounty Profiles Designer:\n\nhttps://github.com/BountySecurity/GBountyProfilesDesigner\n\nTest your prompts, agents, and RAGs. Red teaming, pentesting, and vulnerability scanning for LLMs. Compare performance of GPT, Claude, Gemini, Llama, and more. Simple declarative configs with command line and CI/CD integration. \n\nhttps://github.com/promptfoo/promptfoo\n\nRepository for application-layer loop DoS \n\nhttps://github.com/cispa/loop-DoS\n\n#exploit\n\n1. CVE-2024-45409: Ruby-SAML/GitLab Authentication Bypass\n\nhttps://blog.projectdiscovery.io/ruby-saml-gitlab-auth-bypass\n\n2. CVE-2024-45200: Mario Kart 8 Deluxe's \"KartLANPwn\" BoF\n\nhttps://github.com/latte-soft/kartlanpwn\n\n3. Apache HTTP Server Vulnerability Testing Tool\n\nhttps://github.com/mrmtwoj/apache-vulnerability-testing\n\nCVE-2024-38472, CVE-2024-39573, CVE-2024-38477, CVE-2024-38476, CVE-2024-38475, CVE-2024-38474, CVE-2024-38473, CVE-2023-38709\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-11T06:11:18.000000Z"} https://vulnerability.circl.lu/sighting/71217f9e-ecd8-4a3e-a44b-d0d257eb61dd/export Fri, 11 Oct 2024 06:11:18 +0000