{"vulnerability": "cve-2024-1201", "sightings": [{"uuid": "9c682649-999c-44b2-87df-e09e62fdd0d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12015", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113583475655174182", "content": "", "creation_timestamp": "2024-12-02T13:31:36.440884Z"}, {"uuid": "c56f9faf-1f40-46b8-ac40-f2e3b6067e9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12014", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113685288004309720", "content": "", "creation_timestamp": "2024-12-20T13:03:49.692516Z"}, {"uuid": "19e421ee-475a-48c4-a021-475799825278", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12014", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldqhsl6bfh2a", "content": "", "creation_timestamp": "2024-12-20T13:15:34.237625Z"}, {"uuid": "4216009c-54c6-462c-b746-b23afb32a9c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12018", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113638312546521031", "content": "", "creation_timestamp": "2024-12-12T05:57:21.181843Z"}, {"uuid": "88f2b8d2-df03-49c2-86b6-037caeea6e52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12016", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lktsgno5gq27", "content": "", "creation_timestamp": "2025-03-20T23:00:05.763350Z"}, {"uuid": "4c24e0bc-4e2b-48de-b2c0-ec71bd064654", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12019", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkei5x6ro426", "content": "", "creation_timestamp": "2025-03-14T20:46:21.853564Z"}, {"uuid": "6a678103-dae9-4351-b8ea-a25aae5f697d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12010", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lk3ey3nmfz2m", "content": "", "creation_timestamp": "2025-03-11T05:55:25.026161Z"}, {"uuid": "7f35d87f-fac7-480b-8afc-d0e31d644ae2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12016", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lkscf6j4s62p", "content": "", "creation_timestamp": "2025-03-20T08:40:16.593457Z"}, {"uuid": "d474aa70-d1a7-4c44-8f20-d30f6315606e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-12011", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113997416189281935", "content": "", "creation_timestamp": "2025-02-13T16:02:07.780454Z"}, {"uuid": "92e8b4ee-14b6-45e2-8f94-52a3151efdf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-12012", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113997425572119565", "content": "", "creation_timestamp": "2025-02-13T16:04:31.010809Z"}, {"uuid": "a39af1e8-f81b-4937-90ce-c4ae98b17e01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-12013", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113997425586155705", "content": "", "creation_timestamp": "2025-02-13T16:04:31.240554Z"}, {"uuid": "38286db3-021b-4ab5-89b8-fec32ecaafdd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12016", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lksiy2bufs2u", "content": "", "creation_timestamp": "2025-03-20T10:38:12.087269Z"}, {"uuid": "f08a36b1-e751-4b56-8736-5aacca816992", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12016", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lksdoltrrq2j", "content": "", "creation_timestamp": "2025-03-20T09:03:27.160402Z"}, {"uuid": "e9e2dad1-55f8-4e5a-b408-f859f61276cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12016", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114194363600674612", "content": "", "creation_timestamp": "2025-03-20T10:48:26.903129Z"}, {"uuid": "5ea42494-683e-4f5b-b956-e07633efac2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12010", "type": "seen", "source": "https://t.me/cvedetector/20029", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12010 - Zyxel AX7501-B1 Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12010 \nPublished : March 11, 2025, 2:15 a.m. | 1\u00a0hour, 27\u00a0minutes ago \nDescription : A post-authentication command injection vulnerability in the \u201dzyUtilMailSend\u201d function of the Zyxel\u00a0AX7501-B1 firmware version\u00a0V5.17(ABPC.5.3)C0 and earlier could allow an authenticated attacker with administrator privileges to execute operating system (OS) commands on a vulnerable device. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-11T05:05:02.000000Z"}, {"uuid": "bc7e6447-6878-4b69-9142-e6471c8bbbc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12016", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lkv2o4srrk2q", "content": "", "creation_timestamp": "2025-03-21T11:00:06.466332Z"}, {"uuid": "3fbe7ee2-9843-4dc7-be44-d7d17d1a3a3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12019", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7932", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12019\n\ud83d\udd25 CVSS Score: 7.1 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: The API used to interact with documents in the application contains a flaw that allows an authenticated attacker to read the contents of files on the underlying operating system. An account with \u2018read\u2019 and \u2018download\u2019 privileges on at least one existing document in the application is required to exploit the vulnerability.\u00a0Exploitation of this vulnerability would allow an attacker to read the contents of any file available within the privileges of the system user running the application.\n\ud83d\udccf Published: 2025-03-14T18:07:01.253Z\n\ud83d\udccf Modified: 2025-03-18T16:26:57.725Z\n\ud83d\udd17 References:\n1. https://www.blackduck.com/blog/cyrc-advisory-logicaldoc.html", "creation_timestamp": "2025-03-18T16:51:24.000000Z"}, {"uuid": "8256d60f-e303-4d59-a0c8-04edf80e1645", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12013", "type": "seen", "source": "https://t.me/cvedetector/18037", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12013 - Fortinet TCP/IP Gateway Default Credentials Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-12013 \nPublished : Feb. 13, 2025, 4:15 p.m. | 1\u00a0hour, 25\u00a0minutes ago \nDescription : A CWE-1392 \u201cUse of Default Credentials\u201d was discovered affecting the 130.8005 TCP/IP Gateway running firmware version 12h. The device exposes an FTP server with default and easy-to-guess admin credentials. A remote attacker capable of interacting with the FTP server could gain access and perform changes over resources exposed by the service such as configuration files where password hashes are saved or where network settings are stored. \nSeverity: 7.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-13T18:50:45.000000Z"}, {"uuid": "c9b120ed-5f5c-440d-aa26-66c9bbc1d28b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1201", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18334", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-1201\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Search path or unquoted item vulnerability in HDD Health affecting versions 4.2.0.112 and earlier. This vulnerability could allow a local attacker to store a malicious executable file within the unquoted search path, resulting in privilege escalation.\n\ud83d\udccf Published: 2024-02-02T12:00:51.824Z\n\ud83d\udccf Modified: 2025-06-13T19:01:22.377Z\n\ud83d\udd17 References:\n1. https://www.incibe.es/en/incibe-cert/notices/aviso/panterasoft-hdd-health-search-path-or-unquoted-item-vulnerability", "creation_timestamp": "2025-06-13T19:35:08.000000Z"}, {"uuid": "c70c5c7e-541b-4b27-864d-42f5ad2379fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12019", "type": "seen", "source": "https://t.me/cvedetector/20340", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12019 - Adobe Document Server Local File Inclusion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12019 \nPublished : March 14, 2025, 6:15 p.m. | 1\u00a0hour, 22\u00a0minutes ago \nDescription : The API used to interact with documents in the application contains a flaw that allows an authenticated attacker to read the contents of files on the underlying operating system. An account with \u2018read\u2019 and \u2018download\u2019 privileges on at least one existing document in the application is required to exploit the vulnerability.\u00a0Exploitation of this vulnerability would allow an attacker to read the contents of any file available within the privileges of the system user running the application. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-14T20:53:51.000000Z"}, {"uuid": "b5ecfdd5-51af-4d01-bffb-6492ac07addd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12014", "type": "seen", "source": "https://t.me/cvedetector/13431", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12014 - eSigna eSignaViewer Path Traversal and Insecure Direct Object Reference\", \n  \"Content\": \"CVE ID : CVE-2024-12014 \nPublished : Dec. 20, 2024, 1:15 p.m. | 38\u00a0minutes ago \nDescription : Path Traversal and Insecure Direct Object Reference (IDOR) vulnerabilities in the eSignaViewer component in eSigna product versions 1.0 to 1.5 on all platforms allow an unauthenticated attacker to access arbitrary files in the document system via manipulation of file paths and object identifiers. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-20T15:04:37.000000Z"}, {"uuid": "409c2f40-38d0-4ec2-8d9c-fea56f464bf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12016", "type": "seen", "source": "https://t.me/cvedetector/20704", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12016 - CM Informatics CM News SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-12016 \nPublished : March 20, 2025, 8:15 a.m. | 1\u00a0hour, 35\u00a0minutes ago \nDescription : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in CM Informatics CM News allows SQL Injection.This issue affects CM News: through 6.0.  \n  \n  \n  \n  \n  \nNOTE: The vendor was contacted and it was learned that the product is not supported. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-20T11:32:44.000000Z"}, {"uuid": "0555fd25-c06c-403d-9fbb-52e2fa9fb796", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1201", "type": "seen", "source": "https://t.me/ctinow/178064", "content": "https://ift.tt/9Cj2vaJ\nCVE-2024-1201", "creation_timestamp": "2024-02-02T13:21:33.000000Z"}, {"uuid": "43042d62-2456-4a52-9806-8c74b4497dbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12018", "type": "seen", "source": "https://t.me/cvedetector/12735", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12018 - WordPress Snippet Shortcodes Unauthorized Shortcode Deletion\", \n  \"Content\": \"CVE ID : CVE-2024-12018 \nPublished : Dec. 12, 2024, 6:15 a.m. | 42\u00a0minutes ago \nDescription : The Snippet Shortcodes plugin for WordPress is vulnerable to unauthorized Shortcode Deletion due to missing authorization in all versions up to, and including, 4.1.6. Note that a nonce is used as authentication here, but the value is leaked. This makes it possible for authenticated attackers, with Subscriber-level access and above, to delete the plugin's Shortcodes. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-12T07:58:36.000000Z"}]}