{"vulnerability": "CVE-2024-36974", "sightings": [{"uuid": "00dc9051-376c-4fd3-aef3-ee0c20f701ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36974", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/830", "content": "Tools - Hackers Factory \n\nThe tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.\n\nhttps://github.com/keywa7/keywa7\n\nA tool that allows you to search for vulnerable android devices across the world and exploit them.\n\nhttps://github.com/0x1CA3/AdbNet\n\nAndroid malware source code dataset collected from public resources.\n\nhttps://github.com/d-Raco/android-malware-source-code-samples\n\nNext-Level Reversing: Binary Ninja+TTD\n\nhttps://seeinglogic.com/posts/binary-ninja-ttd-intro/\n\n#Exploit\n\n1. CVE-2024-36974:\nLinux Kernel taprio_parse_mqprio_opt injection\n\nhttps://ssd-disclosure.com/ssd-advisory-linux-kernel-taprio-oob\n\n2. CVE-2024-5274:\nType Confusion in V8 in Google Chrome\n\nhttps://github.com/mistymntncop/CVE-2024-5274\n\n#Threat_Research\n\n1. Analyse MSI files for vulnerabilities\n\nhttps://github.com/CICADA8-Research/MyMSIAnalyzer\n\n2. Analysis of two arbitrary code execution vulnerabilities affecting WPS Office (CVE-2024-7262/CVE-2024-7263)\n\nhttps://welivesecurity.com/en/eset-research/analysis-of-two-arbitrary-code-execution-vulnerabilities-affecting-wps-office\n\nDiscover Ashok, an OSINT reconnaissance tool with features like Wayback Machine crawling, unlimited Google Dorking, GitHub info grabber, subdomain finder and CMS/tech detection!\n\nhttps://github.com/powerexploit/Ashok\n\nBest list of top xss Polyglots to Bypass WAF's\n\nhttps://github.com/coffinsp/lostools/blob/coffin/xsspollygots.txt\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-08T06:28:37.000000Z"}, {"uuid": "04d3963a-becd-405a-8b80-c42d8466b2af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36974", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "7f4bd5a6-fc9a-4d82-acb9-f40c5762137e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36974", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8721", "content": "Tools - Hackers Factory \n\nThe tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.\n\nhttps://github.com/keywa7/keywa7\n\nA tool that allows you to search for vulnerable android devices across the world and exploit them.\n\nhttps://github.com/0x1CA3/AdbNet\n\nAndroid malware source code dataset collected from public resources.\n\nhttps://github.com/d-Raco/android-malware-source-code-samples\n\nNext-Level Reversing: Binary Ninja+TTD\n\nhttps://seeinglogic.com/posts/binary-ninja-ttd-intro/\n\n#Exploit\n\n1. CVE-2024-36974:\nLinux Kernel taprio_parse_mqprio_opt injection\n\nhttps://ssd-disclosure.com/ssd-advisory-linux-kernel-taprio-oob\n\n2. CVE-2024-5274:\nType Confusion in V8 in Google Chrome\n\nhttps://github.com/mistymntncop/CVE-2024-5274\n\n#Threat_Research\n\n1. Analyse MSI files for vulnerabilities\n\nhttps://github.com/CICADA8-Research/MyMSIAnalyzer\n\n2. Analysis of two arbitrary code execution vulnerabilities affecting WPS Office (CVE-2024-7262/CVE-2024-7263)\n\nhttps://welivesecurity.com/en/eset-research/analysis-of-two-arbitrary-code-execution-vulnerabilities-affecting-wps-office\n\nDiscover Ashok, an OSINT reconnaissance tool with features like Wayback Machine crawling, unlimited Google Dorking, GitHub info grabber, subdomain finder and CMS/tech detection!\n\nhttps://github.com/powerexploit/Ashok\n\nBest list of top xss Polyglots to Bypass WAF's\n\nhttps://github.com/coffinsp/lostools/blob/coffin/xsspollygots.txt\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-08T06:28:55.000000Z"}, {"uuid": "ebc90d6e-408a-44d7-b1b7-63336a51b061", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36974", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7389", "content": "Tools - Hackers Factory \n\nThe tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.\n\nhttps://github.com/keywa7/keywa7\n\nA tool that allows you to search for vulnerable android devices across the world and exploit them.\n\nhttps://github.com/0x1CA3/AdbNet\n\nAndroid malware source code dataset collected from public resources.\n\nhttps://github.com/d-Raco/android-malware-source-code-samples\n\nNext-Level Reversing: Binary Ninja+TTD\n\nhttps://seeinglogic.com/posts/binary-ninja-ttd-intro/\n\n#Exploit\n\n1. CVE-2024-36974:\nLinux Kernel taprio_parse_mqprio_opt injection\n\nhttps://ssd-disclosure.com/ssd-advisory-linux-kernel-taprio-oob\n\n2. CVE-2024-5274:\nType Confusion in V8 in Google Chrome\n\nhttps://github.com/mistymntncop/CVE-2024-5274\n\n#Threat_Research\n\n1. Analyse MSI files for vulnerabilities\n\nhttps://github.com/CICADA8-Research/MyMSIAnalyzer\n\n2. Analysis of two arbitrary code execution vulnerabilities affecting WPS Office (CVE-2024-7262/CVE-2024-7263)\n\nhttps://welivesecurity.com/en/eset-research/analysis-of-two-arbitrary-code-execution-vulnerabilities-affecting-wps-office\n\nDiscover Ashok, an OSINT reconnaissance tool with features like Wayback Machine crawling, unlimited Google Dorking, GitHub info grabber, subdomain finder and CMS/tech detection!\n\nhttps://github.com/powerexploit/Ashok\n\nBest list of top xss Polyglots to Bypass WAF's\n\nhttps://github.com/coffinsp/lostools/blob/coffin/xsspollygots.txt\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-08T06:28:55.000000Z"}, {"uuid": "49c6412b-0d09-4d75-bb1a-682f72a90a6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36974", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3714", "content": "Tools - Hackers Factory \n\nThe tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.\n\nhttps://github.com/keywa7/keywa7\n\nA tool that allows you to search for vulnerable android devices across the world and exploit them.\n\nhttps://github.com/0x1CA3/AdbNet\n\nAndroid malware source code dataset collected from public resources.\n\nhttps://github.com/d-Raco/android-malware-source-code-samples\n\nNext-Level Reversing: Binary Ninja+TTD\n\nhttps://seeinglogic.com/posts/binary-ninja-ttd-intro/\n\n#Exploit\n\n1. CVE-2024-36974:\nLinux Kernel taprio_parse_mqprio_opt injection\n\nhttps://ssd-disclosure.com/ssd-advisory-linux-kernel-taprio-oob\n\n2. CVE-2024-5274:\nType Confusion in V8 in Google Chrome\n\nhttps://github.com/mistymntncop/CVE-2024-5274\n\n#Threat_Research\n\n1. Analyse MSI files for vulnerabilities\n\nhttps://github.com/CICADA8-Research/MyMSIAnalyzer\n\n2. Analysis of two arbitrary code execution vulnerabilities affecting WPS Office (CVE-2024-7262/CVE-2024-7263)\n\nhttps://welivesecurity.com/en/eset-research/analysis-of-two-arbitrary-code-execution-vulnerabilities-affecting-wps-office\n\nDiscover Ashok, an OSINT reconnaissance tool with features like Wayback Machine crawling, unlimited Google Dorking, GitHub info grabber, subdomain finder and CMS/tech detection!\n\nhttps://github.com/powerexploit/Ashok\n\nBest list of top xss Polyglots to Bypass WAF's\n\nhttps://github.com/coffinsp/lostools/blob/coffin/xsspollygots.txt\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-08T06:28:46.000000Z"}, {"uuid": "faafcfbe-f9b6-4134-ab1d-3f9b42967d14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36974", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/23702", "content": "Tools - Hackers Factory \n\nThe tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.\n\nhttps://github.com/keywa7/keywa7\n\nA tool that allows you to search for vulnerable android devices across the world and exploit them.\n\nhttps://github.com/0x1CA3/AdbNet\n\nAndroid malware source code dataset collected from public resources.\n\nhttps://github.com/d-Raco/android-malware-source-code-samples\n\nNext-Level Reversing: Binary Ninja+TTD\n\nhttps://seeinglogic.com/posts/binary-ninja-ttd-intro/\n\n#Exploit\n\n1. CVE-2024-36974:\nLinux Kernel taprio_parse_mqprio_opt injection\n\nhttps://ssd-disclosure.com/ssd-advisory-linux-kernel-taprio-oob\n\n2. CVE-2024-5274:\nType Confusion in V8 in Google Chrome\n\nhttps://github.com/mistymntncop/CVE-2024-5274\n\n#Threat_Research\n\n1. Analyse MSI files for vulnerabilities\n\nhttps://github.com/CICADA8-Research/MyMSIAnalyzer\n\n2. Analysis of two arbitrary code execution vulnerabilities affecting WPS Office (CVE-2024-7262/CVE-2024-7263)\n\nhttps://welivesecurity.com/en/eset-research/analysis-of-two-arbitrary-code-execution-vulnerabilities-affecting-wps-office\n\nDiscover Ashok, an OSINT reconnaissance tool with features like Wayback Machine crawling, unlimited Google Dorking, GitHub info grabber, subdomain finder and CMS/tech detection!\n\nhttps://github.com/powerexploit/Ashok\n\nBest list of top xss Polyglots to Bypass WAF's\n\nhttps://github.com/coffinsp/lostools/blob/coffin/xsspollygots.txt\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-08T06:29:06.000000Z"}, {"uuid": "7d6ea009-a5b3-49ef-bbe2-145fabda861b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36974", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/4327", "content": "#exploit\n1. CVE-2024-36974:\nLinux Kernel taprio_parse_mqprio_opt injection\nhttps://ssd-disclosure.com/ssd-advisory-linux-kernel-taprio-oob\n\n2. CVE-2024-5274:\nType Confusion in V8 in Google Chrome\nhttps://github.com/mistymntncop/CVE-2024-5274", "creation_timestamp": "2024-09-01T09:52:41.000000Z"}, {"uuid": "0b3cc9dc-5af0-4934-bdef-e483945cd260", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36974", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11066", "content": "#exploit\n1. CVE-2024-36974:\nLinux Kernel taprio_parse_mqprio_opt injection\nhttps://ssd-disclosure.com/ssd-advisory-linux-kernel-taprio-oob\n\n2. CVE-2024-5274:\nType Confusion in V8 in Google Chrome\nhttps://github.com/mistymntncop/CVE-2024-5274", "creation_timestamp": "2024-09-02T02:57:44.000000Z"}, {"uuid": "0831261c-9db1-4761-b10e-29a7baf352a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36974", "type": "seen", "source": "https://t.me/InfoSecInsider/223", "content": "Tools - Hackers Factory \n\nThe tool that bypasses the firewall's Application Based Rules and lets you connect to anywhere, ANY IP, ANY PORT and ANY APPLICATION.\n\nhttps://github.com/keywa7/keywa7\n\nA tool that allows you to search for vulnerable android devices across the world and exploit them.\n\nhttps://github.com/0x1CA3/AdbNet\n\nAndroid malware source code dataset collected from public resources.\n\nhttps://github.com/d-Raco/android-malware-source-code-samples\n\nNext-Level Reversing: Binary Ninja+TTD\n\nhttps://seeinglogic.com/posts/binary-ninja-ttd-intro/\n\n#Exploit\n\n1. CVE-2024-36974:\nLinux Kernel taprio_parse_mqprio_opt injection\n\nhttps://ssd-disclosure.com/ssd-advisory-linux-kernel-taprio-oob\n\n2. CVE-2024-5274:\nType Confusion in V8 in Google Chrome\n\nhttps://github.com/mistymntncop/CVE-2024-5274\n\n#Threat_Research\n\n1. Analyse MSI files for vulnerabilities\n\nhttps://github.com/CICADA8-Research/MyMSIAnalyzer\n\n2. Analysis of two arbitrary code execution vulnerabilities affecting WPS Office (CVE-2024-7262/CVE-2024-7263)\n\nhttps://welivesecurity.com/en/eset-research/analysis-of-two-arbitrary-code-execution-vulnerabilities-affecting-wps-office\n\nDiscover Ashok, an OSINT reconnaissance tool with features like Wayback Machine crawling, unlimited Google Dorking, GitHub info grabber, subdomain finder and CMS/tech detection!\n\nhttps://github.com/powerexploit/Ashok\n\nBest list of top xss Polyglots to Bypass WAF's\n\nhttps://github.com/coffinsp/lostools/blob/coffin/xsspollygots.txt\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-09-08T06:29:06.000000Z"}]}