{"vulnerability": "CVE-2024-1205", "sightings": [{"uuid": "005bee62-84bb-4459-8f4d-68e3a0a15d26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12053", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113606107544116189", "content": "", "creation_timestamp": "2024-12-06T13:27:11.928961Z"}, {"uuid": "bfffe6d2-7601-4c4c-9c18-ba70329dac6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12053", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113590396950354441", "content": "", "creation_timestamp": "2024-12-03T18:51:47.944231Z"}, {"uuid": "7eb16d8b-9e03-40f6-8d2b-6e253ea02164", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12053", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113590416932406147", "content": "", "creation_timestamp": "2024-12-03T18:56:51.970914Z"}, {"uuid": "7083e13d-48c8-4db6-a4b6-5f1e22162236", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12053", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/113591074316314922", "content": "", "creation_timestamp": "2024-12-03T21:44:02.791920Z"}, {"uuid": "1057e2a9-1753-47ab-b0ce-ac874492a9f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12057", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113624457107037209", "content": "", "creation_timestamp": "2024-12-09T19:13:44.998356Z"}, {"uuid": "f955b003-cb20-4572-a22e-83b7090a8ed0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12053", "type": "seen", "source": "https://www.thezdi.com/blog/2024/12/10/the-december-2024-security-update-review", "content": "", "creation_timestamp": "2024-12-10T17:33:56.000000Z"}, {"uuid": "b1a49b50-ec6f-43ea-8faa-1411d658493e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12053", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113635299660498681", "content": "", "creation_timestamp": "2024-12-11T17:11:08.525857Z"}, {"uuid": "0c62aeee-0b05-46c4-b603-8d54a3e89ce9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12059", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113638371581131526", "content": "", "creation_timestamp": "2024-12-12T06:12:22.434594Z"}, {"uuid": "4c0920fb-8c95-4dbd-ab0f-33d502595a29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12054", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-021-03", "content": "", "creation_timestamp": "2025-01-21T11:00:00.000000Z"}, {"uuid": "d655884a-02fb-47fa-bba8-d2507d68ac00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12058", "type": "seen", "source": "https://social.circl.lu/users/cedric/statuses/113986844143593949", "content": "", "creation_timestamp": "2025-02-11T19:13:31.534633Z"}, {"uuid": "52913cf3-8f17-4326-b6a2-95ac3b926835", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12058", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113985946502062448", "content": "", "creation_timestamp": "2025-02-11T15:25:14.387757Z"}, {"uuid": "415b0d27-c61c-4a12-898b-6f804ecf82cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12058", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhw2mecrol2h", "content": "", "creation_timestamp": "2025-02-11T16:16:11.826545Z"}, {"uuid": "a13a6447-3499-402c-9b19-0d26ac189284", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12057", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8367", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12057\n\ud83d\udd25 CVSS Score: 1.8 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:H/UI:N/VC:L/VI:L/VA:N/SC:L/SI:L/SA:N/AU:N/R:U/V:C/RE:M/U:Clear)\n\ud83d\udd39 Description: User credentials (login & password) are inserted into log files when a user tries to authenticate using a version of a Web client that is not compatible with that of the PcVue Web back end.\nBy exploiting this vulnerability, an attacker could retrieve the credentials of a user by accessing the Log File. Successful exploitation of this vulnerability could lead to unauthorized access to the application.\n\ud83d\udccf Published: 2024-12-09T19:08:15.527Z\n\ud83d\udccf Modified: 2025-03-21T15:55:47.995Z\n\ud83d\udd17 References:\n1. https://www.pcvue.com/security/#SB2024-6", "creation_timestamp": "2025-03-21T16:19:28.000000Z"}, {"uuid": "b8422e5d-fb2e-40e2-81b4-e5b30012c79f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12054", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3li3sydrc6b2g", "content": "", "creation_timestamp": "2025-02-13T23:15:42.219427Z"}, {"uuid": "91b7413a-ddcd-49e5-ba3e-1eb60a1d3fb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12054", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3li3xgdh7gv2a", "content": "", "creation_timestamp": "2025-02-14T00:35:09.089611Z"}, {"uuid": "1bc39afc-0f14-4fa2-85d4-771a74f25945", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12054", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4380", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12054\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-02-13T23:15:09.823\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://nmfta.org/wp-content/media/2022/11/Actionable_Mitigations_Options_v9_DIST.pdf\n2. https://www.cisa.gov/news-events/ics-advisories/icsa-25-021-03", "creation_timestamp": "2025-02-14T01:11:13.000000Z"}, {"uuid": "6d6b056c-6a59-4c70-8d18-ca2038a6a4c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-12058", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/85f9fd3a-b2ef-443b-b091-2cad7418236f", "content": "", "creation_timestamp": "2025-02-11T19:05:13.397489Z"}, {"uuid": "c96a7377-f10f-481e-8295-c15d34a83d27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12054", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4408", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12054\n\ud83d\udd25 CVSS Score: 5.4 (CVSS_V3)\n\ud83d\udd39 Description: ZF Roll Stability Support Plus (RSSPlus) \nis vulnerable to an authentication bypass vulnerability targeting \ndeterministic RSSPlus SecurityAccess service seeds, which may allow an \nattacker to remotely (proximal/adjacent with RF equipment or via pivot \nfrom J2497 telematics devices) call diagnostic functions intended for \nworkshop or repair scenarios. This can impact system availability, \npotentially degrading performance or erasing software, however the \nvehicle remains in a safe vehicle state.\n\ud83d\udccf Published: 2025-02-14T00:30:44Z\n\ud83d\udccf Modified: 2025-02-14T00:30:44Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-12054\n2. https://nmfta.org/wp-content/media/2022/11/Actionable_Mitigations_Options_v9_DIST.pdf\n3. https://www.cisa.gov/news-events/ics-advisories/icsa-25-021-03", "creation_timestamp": "2025-02-14T01:17:06.000000Z"}, {"uuid": "05e5cfe4-1643-456c-8be2-d3caf9b11a00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12057", "type": "seen", "source": "https://t.me/cvedetector/12444", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12057 - PcVue Web Back End Password Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12057 \nPublished : Dec. 9, 2024, 7:15 p.m. | 44\u00a0minutes ago \nDescription : User credentials (login & password) are inserted into log files when a user tries to authenticate using a version of a Web client that is not compatible with that of the PcVue Web back end.  \nBy exploiting this vulnerability, an attacker could retrieve the credentials of a user by accessing the Log File. Successful exploitation of this vulnerability could lead to unauthorized access to the application. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T21:24:08.000000Z"}, {"uuid": "eb45d177-763e-4dc6-86b1-06b38f608486", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12053", "type": "seen", "source": "https://bsky.app/profile/ssd-disclsoure.bsky.social/post/3mkmovdigz22t", "content": "Want to know how a \u201csmall\u201d WebAssembly issue can become a big security problem?\n\nIn our new article, SSD Labs researcher, Aaron Cho, analyzes CVE-2024-12053. An arbitrary WebAssembly type confusion vulnerability leading to an RCE. Read about it here: ssd-disclosure.com/webassembly-...", "creation_timestamp": "2026-04-29T08:34:20.225413Z"}, {"uuid": "12dd409f-797f-42ca-a479-74457f0d6681", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12054", "type": "seen", "source": "https://t.me/cvedetector/18062", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12054 - ZF Roll Stability Support Plus (RSSPlus) Authentication Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12054 \nPublished : Feb. 13, 2025, 11:15 p.m. | 33\u00a0minutes ago \nDescription : ZF Roll Stability Support Plus (RSSPlus)   \nis vulnerable to an authentication bypass vulnerability targeting   \ndeterministic RSSPlus SecurityAccess service seeds, which may allow an   \nattacker to remotely (proximal/adjacent with RF equipment or via pivot   \nfrom J2497 telematics devices) call diagnostic functions intended for   \nworkshop or repair scenarios. This can impact system availability,   \npotentially degrading performance or erasing software, however the   \nvehicle remains in a safe vehicle state. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-14T01:32:26.000000Z"}, {"uuid": "14f3f664-08d4-49ef-80a6-51f99ed710a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12056", "type": "seen", "source": "https://t.me/cvedetector/12009", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12056 - Apache OAuth Client Unauthorized Access Vuln\", \n  \"Content\": \"CVE ID : CVE-2024-12056 \nPublished : Dec. 4, 2024, 3:15 p.m. | 18\u00a0minutes ago \nDescription : The Client secret is not checked when using the OAuth Password grant type.  \n  \nBy exploiting this vulnerability, an attacker could connect to a web server using a client application not explicitly authorized as part of the OAuth deployment.  \nExploitation requires valid credentials and does not permit the attacker to bypass user privileges. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-04T16:45:47.000000Z"}, {"uuid": "2656f4f5-cfd7-4d5a-85e5-ce6ff0040460", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12059", "type": "seen", "source": "https://t.me/cvedetector/12729", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12059 - Elementor ElementInvader Sensitive Information Exposure\", \n  \"Content\": \"CVE ID : CVE-2024-12059 \nPublished : Dec. 12, 2024, 6:15 a.m. | 42\u00a0minutes ago \nDescription : The ElementInvader Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.3.1 via the eli_option_value shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract arbitrary options from the wp_options table. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-12T07:58:26.000000Z"}, {"uuid": "6268c060-e09e-4330-ae55-168f109909a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12053", "type": "seen", "source": "https://t.me/cvedetector/11910", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12053 - Type Confusion in V8 in Google Chrome prior to 131\", \n  \"Content\": \"CVE ID : CVE-2024-12053 \nPublished : Dec. 3, 2024, 7:15 p.m. | 21\u00a0minutes ago \nDescription : Type Confusion in V8 in Google Chrome prior to 131.0.6778.108 allowed a remote attacker to potentially exploit object corruption via a crafted HTML page. (Chromium security severity: High) \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-03T20:40:58.000000Z"}, {"uuid": "94e6bebe-32e8-456a-b621-e1b8f398d85d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12053", "type": "seen", "source": "https://bsky.app/profile/infosecbot.bsky.social/post/3mknr2dopkb2w", "content": "Want to know how a \u201csmall\u201d WebAssembly issue can become a big security problem?\n\nIn our new article, SSD Labs researcher, Aaron Cho, analyzes CVE-2024-12053. An arbitrary WebAssembly type confu\u2026\n\n\ud83d\udd01 RT @SecuriTeam_SSD | reposted by @hasherezade\nhttps://x.com/SecuriTeam_SSD/status/2049406877620941208", "creation_timestamp": "2026-04-29T18:45:33.017236Z"}, {"uuid": "edcaf837-c0d6-47f5-ba01-4ce13c4073f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12059", "type": "seen", "source": "Telegram/-A1KUQpEaF_OE6KbX-bK0AxbjGCqeeDtuI0zxCUPzPMVQtVF", "content": "", "creation_timestamp": "2025-03-08T04:34:11.000000Z"}, {"uuid": "f0a7ef7d-0468-470f-87ea-127b03f0caa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12054", "type": "seen", "source": "Telegram/Vz13zTwm0TEGry8Mk8nOD5Bdc_tHpYiS9RQAQ7vfvwZR9kt4", "content": "", "creation_timestamp": "2025-02-14T10:09:24.000000Z"}]}