{"vulnerability": "cve-2024-2240", "sightings": [{"uuid": "491cd712-b31f-461a-bc0a-9ca6daa81713", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2240", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/114000469367978113", "content": "", "creation_timestamp": "2025-02-14T04:58:35.665838Z"}, {"uuid": "ccae915d-81a4-4ed6-a71d-2ec4f2483f67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2240", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3li4h3r3ycx2z", "content": "", "creation_timestamp": "2025-02-14T05:15:31.967560Z"}, {"uuid": "dc30048e-e216-473e-bb55-d1fbc04426c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2240", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3li4skdm6iq26", "content": "", "creation_timestamp": "2025-02-14T08:40:32.326889Z"}, {"uuid": "31d854df-9f1b-4a5a-b75b-71b06a532100", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2240", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4421", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-2240\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Docker daemon in Brocade SANnav before SANnav 2.3.1b runs without auditing. The vulnerability could allow a remote authenticated attacker to execute various attacks.\n\ud83d\udccf Published: 2025-02-14T06:30:36Z\n\ud83d\udccf Modified: 2025-02-14T06:30:36Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-2240\n2. https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25401", "creation_timestamp": "2025-02-14T07:09:53.000000Z"}, {"uuid": "134dcff9-f325-4f43-bda3-d0b5ef464753", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2240", "type": "seen", "source": "Telegram/hFl-dSCS4NcH_nU1Q4eehts6pYXqqIJyfXf5ZaQteu0O3h4q", "content": "", "creation_timestamp": "2025-02-14T21:08:28.000000Z"}, {"uuid": "abf95c8d-aa86-429a-a846-6ab411ace989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22406", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12139", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-27892\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Shopware prior to version 6.5.8.13 is affected by a SQL injection vulnerability in the /api/search/order endpoint. NOTE: this issue exists because of a CVE-2024-22406 and CVE-2024-42357 regression.\n\ud83d\udccf Published: 2025-04-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-16T18:32:23.303Z\n\ud83d\udd17 References:\n1. https://github.com/shopware/shopware/security/advisories/GHSA-8g35-7rmw-7f59\n2. https://www.redteam-pentesting.de/en/advisories/rt-sa-2025-001/", "creation_timestamp": "2025-04-16T18:56:18.000000Z"}, {"uuid": "85bf21cc-3579-4248-a6db-5b6354ad1ac9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2240", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/4432", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-2240\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-02-14T05:15:11.550\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25401", "creation_timestamp": "2025-02-14T07:12:20.000000Z"}, {"uuid": "c7df378e-528a-4da3-94b7-27dd691deeb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22406", "type": "seen", "source": "https://t.me/cvedetector/23032", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27892 - Shopware SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-27892 \nPublished : April 15, 2025, 10:15 p.m. | 1\u00a0hour, 7\u00a0minutes ago \nDescription : Shopware prior to version 6.5.8.13 is affected by a SQL injection vulnerability in the /api/search/order endpoint. NOTE: this issue exists because of a CVE-2024-22406 and CVE-2024-42357 regression. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-16T01:49:06.000000Z"}, {"uuid": "f18ab6c1-a164-49d1-b2c5-eb62c3e58f22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22402", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17745", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-22402\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N)\n\ud83d\udd39 Description: Nextcloud guests app is a utility to create guest users which can only see files shared with them. In affected versions users were able to load the first page of apps they were actually not allowed to access. Depending on the selection of apps installed this may present a permissions bypass. It is recommended that the Guests app is upgraded to 2.4.1, 2.5.1 or 3.0.1. There are no known workarounds for this vulnerability.\n\ud83d\udccf Published: 2024-01-18T20:23:54.714Z\n\ud83d\udccf Modified: 2025-06-09T18:46:12.916Z\n\ud83d\udd17 References:\n1. https://github.com/nextcloud/security-advisories/security/advisories/GHSA-v3qw-7vgv-2fxj\n2. https://github.com/nextcloud/guests/pull/1082\n3. https://hackerone.com/reports/2251074", "creation_timestamp": "2025-06-09T19:48:04.000000Z"}, {"uuid": "27e2a210-94dd-47f2-bb42-f671c2c959c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2240", "type": "seen", "source": "https://t.me/cvedetector/18066", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-2240 - Brocade SANnav Docker Daemon Unauthenticated Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-2240 \nPublished : Feb. 14, 2025, 5:15 a.m. | 39\u00a0minutes ago \nDescription : Docker daemon in Brocade SANnav before SANnav 2.3.1b runs without auditing. The vulnerability could allow a remote authenticated attacker to execute various attacks. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-14T07:23:27.000000Z"}, {"uuid": "aa05b5d6-063f-4db8-a13d-84bf00c9f2ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2240", "type": "seen", "source": "Telegram/uFK6pXT08f2N_mxPxZG2lYGeAWN2H593_L8I5kX196bDwyB0", "content": "", "creation_timestamp": "2025-02-14T10:09:24.000000Z"}, {"uuid": "e8b74e4e-f85b-4484-ae9e-76b8ef27b37b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22407", "type": "seen", "source": "https://t.me/ctinow/182584", "content": "https://ift.tt/9ap3tes\nCVE-2024-22407 | Shopware up to 6.5.7.3 access control (GHSA-3867-jc5c-66qf)", "creation_timestamp": "2024-02-10T15:46:15.000000Z"}, {"uuid": "a78a0d37-8d81-4752-87cc-39d25ab28e4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22409", "type": "seen", "source": "https://t.me/arpsyndicate/2965", "content": "#ExploitObserverAlert\n\nCVE-2024-22409\n\nDESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-22409. DataHub is an open-source metadata platform. In affected versions a low privileged user could remove a user, edit group members, or edit another user's profile information. The default privileges gave too many broad permissions to low privileged users. These have been constrained in PR #9067 to prevent abuse. This issue can result in privilege escalation for lower privileged users up to admin privileges, potentially, if a group with admin privileges exists. May not impact instances that have modified default privileges. This issue has been addressed in datahub version 0.12.1. Users are advised to upgrade.", "creation_timestamp": "2024-01-20T15:43:38.000000Z"}, {"uuid": "47598ddc-6038-470a-9128-1c8fb7047f22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22406", "type": "seen", "source": "https://t.me/ctinow/180226", "content": "https://ift.tt/iECIlwq\nCVE-2024-22406 | Shopware up to 6.5.7.3 API sql injection (GHSA-qmp9-2xwj-m6m9)", "creation_timestamp": "2024-02-06T18:41:39.000000Z"}, {"uuid": "bfcbf105-0d1b-40f3-ae14-4002dfb6d3fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22408", "type": "seen", "source": "https://t.me/ctinow/180227", "content": "https://ift.tt/YofGV8h\nCVE-2024-22408 | Shopware up to 6.5.7.3 Flow Builder server-side request forgery (GHSA-3535-m8vh-vrmw)", "creation_timestamp": "2024-02-06T18:41:40.000000Z"}, {"uuid": "5570d34c-9bbb-468e-8704-400fb74773ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22409", "type": "seen", "source": "https://t.me/ctinow/180185", "content": "https://ift.tt/lxCHWRB\nCVE-2024-22409 | DataHub up to 0.12.0 default permission (GHSA-x3v6-r479-m4xv)", "creation_timestamp": "2024-02-06T18:12:10.000000Z"}, {"uuid": "ab129671-dfdd-449e-ad95-1a7c7a293a4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22401", "type": "seen", "source": "https://t.me/ctinow/183120", "content": "https://ift.tt/lex0cdf\nCVE-2024-22401 | NextCloud Guests up to 2.4.0/2.5.0/3.0.0 Allowed Apps List behavioral workflow (GHSA-wr87-hx3w-29hh)", "creation_timestamp": "2024-02-12T14:41:45.000000Z"}, {"uuid": "321ff92e-0cd6-4848-a288-103903455ece", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22400", "type": "seen", "source": "https://t.me/ctinow/183117", "content": "https://ift.tt/UfN7V0e\nCVE-2024-22400 | NextCloud User Saml up to 5.1.4/5.2.4/6.0.0 Link redirect (GHSA-622q-xhfr-xmv7)", "creation_timestamp": "2024-02-12T14:41:41.000000Z"}, {"uuid": "dd7ef269-33ed-495f-8c6a-fc530e9b5a73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22404", "type": "seen", "source": "https://t.me/ctinow/183122", "content": "https://ift.tt/Ub50KsE\nCVE-2024-22404 | NextCloud Files ZIP up to 1.2.0/1.4.0 ZIP Archive access control", "creation_timestamp": "2024-02-12T14:41:47.000000Z"}, {"uuid": "d13a0c3f-9d55-4b97-a800-a80afa73fb59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22402", "type": "seen", "source": "https://t.me/ctinow/183121", "content": "https://ift.tt/b62Ms5X\nCVE-2024-22402 | NextCloud Guests up to 2.4.0/2.5.0/3.0.0 Request URL url encoding (GHSA-v3qw-7vgv-2fxj)", "creation_timestamp": "2024-02-12T14:41:46.000000Z"}, {"uuid": "959f53a6-d484-417c-a72f-c374b8f54397", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22408", "type": "seen", "source": "https://t.me/ctinow/169054", "content": "https://ift.tt/MvDorxN\nCVE-2024-22408", "creation_timestamp": "2024-01-17T00:26:46.000000Z"}, {"uuid": "ee91c3ad-ae5c-41f0-af60-65efb25c4efb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22409", "type": "seen", "source": "https://t.me/ctinow/169055", "content": "https://ift.tt/cRox4ba\nCVE-2024-22409", "creation_timestamp": "2024-01-17T00:26:47.000000Z"}, {"uuid": "92504951-fe18-4f99-a209-325a1700835d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22409", "type": "seen", "source": "https://t.me/ctinow/173714", "content": "https://ift.tt/XW8gnE7\nCVE-2024-22409 Exploit", "creation_timestamp": "2024-01-25T19:16:44.000000Z"}, {"uuid": "2c5a142f-2f6f-4aa0-9a4b-f54231a74135", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22403", "type": "seen", "source": "https://t.me/ctinow/169944", "content": "https://ift.tt/i8T9BZm\nCVE-2024-22403", "creation_timestamp": "2024-01-18T21:26:20.000000Z"}, {"uuid": "8bc7920c-5115-4b26-aaf9-dbc43cca3795", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22400", "type": "seen", "source": "https://t.me/ctinow/169943", "content": "https://ift.tt/sEAB8aY\nCVE-2024-22400", "creation_timestamp": "2024-01-18T21:26:19.000000Z"}, {"uuid": "07488c4e-cef0-4733-95b8-7a45c179a470", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22404", "type": "seen", "source": "https://t.me/ctinow/169969", "content": "https://ift.tt/2gQrAV6\nCVE-2024-22404", "creation_timestamp": "2024-01-18T22:21:37.000000Z"}, {"uuid": "644ee8ca-d577-476b-a3fa-ea8138ecdde4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22407", "type": "seen", "source": "https://t.me/ctinow/169053", "content": "https://ift.tt/RKvTXgb\nCVE-2024-22407", "creation_timestamp": "2024-01-17T00:26:45.000000Z"}, {"uuid": "e66ca1e5-11c1-4887-bfb5-40dc632aa474", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22406", "type": "seen", "source": "https://t.me/ctinow/169052", "content": "https://ift.tt/uKIbym4\nCVE-2024-22406", "creation_timestamp": "2024-01-17T00:26:44.000000Z"}, {"uuid": "cd1aed8f-9bd2-436c-ad76-df5ed9421567", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22403", "type": "seen", "source": "https://t.me/ctinow/169974", "content": "https://ift.tt/yUsBz96\nCVE-2024-22403 | NextCloud Server up to 27.x OAuth2 violation of secure design principles (GHSA-wppc-f5g8-vx36)", "creation_timestamp": "2024-01-18T22:26:25.000000Z"}, {"uuid": "a8e2c0e6-dd52-49fd-8a9d-8405a9ee8264", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22402", "type": "seen", "source": "https://t.me/ctinow/169968", "content": "https://ift.tt/ZmKa9OI\nCVE-2024-22402", "creation_timestamp": "2024-01-18T22:21:35.000000Z"}, {"uuid": "81ff539f-82c5-4ac1-bd9a-8fc04c6e918c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-22401", "type": "seen", "source": "https://t.me/ctinow/169967", "content": "https://ift.tt/GcCsfUj\nCVE-2024-22401", "creation_timestamp": "2024-01-18T22:21:34.000000Z"}]}