{"vulnerability": "cve-2024-2368", "sightings": [{"uuid": "53bcbb93-fc8d-498d-a85c-3ac835eb6f42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23688", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19026", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23688\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Consensys Discovery versions less than 0.4.5 uses the same AES/GCM nonce for the entire session. which should ideally be unique for every message. The node's private key isn't compromised, only the session key generated for specific peer communication is exposed.\n\n\n\ud83d\udccf Published: 2024-01-19T21:26:35.282Z\n\ud83d\udccf Modified: 2025-06-20T18:28:31.476Z\n\ud83d\udd17 References:\n1. https://github.com/ConsenSys/discovery/security/advisories/GHSA-w3hj-wr2q-x83g\n2. https://github.com/advisories/GHSA-w3hj-wr2q-x83g\n3. https://vulncheck.com/advisories/vc-advisory-GHSA-w3hj-wr2q-x83g", "creation_timestamp": "2025-06-20T18:42:20.000000Z"}, {"uuid": "9253a3fa-38fb-40db-ab47-15c35cb676a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23684", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19027", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23684\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise Binary Object Representation (CBOR) versions 4.0.0 to 4.5.1 allows an attacker to cause a denial of service by passing a maliciously crafted input. Depending on an application's use of this library, this may be a remote attacker.\n\n\n\ud83d\udccf Published: 2024-01-19T20:59:02.723Z\n\ud83d\udccf Modified: 2025-06-20T18:27:45.342Z\n\ud83d\udd17 References:\n1. https://github.com/peteroupc/CBOR-Java/security/advisories/GHSA-fj2w-wfgv-mwq6\n2. https://github.com/advisories/GHSA-fj2w-wfgv-mwq6\n3. https://vulncheck.com/advisories/vc-advisory-GHSA-fj2w-wfgv-mwq6", "creation_timestamp": "2025-06-20T18:42:21.000000Z"}, {"uuid": "2a8a529f-3fa4-48a3-bc1c-666c2dd91b6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23683", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19028", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23683\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Artemis Java Test Sandbox versions less than 1.7.6 are vulnerable to a sandbox escape when an attacker crafts a special subclass of InvocationTargetException. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.\n\n\n\n\n\n\n\ud83d\udccf Published: 2024-01-19T20:48:42.271Z\n\ud83d\udccf Modified: 2025-06-20T18:26:59.260Z\n\ud83d\udd17 References:\n1. https://github.com/ls1intum/Ares/security/advisories/GHSA-883x-6fch-6wjx\n2. https://github.com/ls1intum/Ares/issues/15#issuecomment-996449371\n3. https://github.com/ls1intum/Ares/commit/af4f28a56e2fe600d8750b3b415352a0a3217392\n4. https://github.com/ls1intum/Ares/releases/tag/1.7.6\n5. https://github.com/advisories/GHSA-883x-6fch-6wjx\n6. https://vulncheck.com/advisories/vc-advisory-GHSA-883x-6fch-6wjx", "creation_timestamp": "2025-06-20T18:42:22.000000Z"}, {"uuid": "46c8a1cd-7eb8-4c57-a8ce-86cd6face905", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23682", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19029", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23682\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Artemis Java Test Sandbox versions before 1.8.0 are vulnerable to a sandbox escape when an attacker includes class files in a package that Ares trusts. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.\n\n\n\n\ud83d\udccf Published: 2024-01-19T20:13:55.453Z\n\ud83d\udccf Modified: 2025-06-20T18:25:03.328Z\n\ud83d\udd17 References:\n1. https://github.com/ls1intum/Ares/security/advisories/GHSA-227w-wv4j-67h4\n2. https://github.com/ls1intum/Ares/issues/15\n3. https://github.com/ls1intum/Ares/releases/tag/1.8.0\n4. https://github.com/advisories/GHSA-227w-wv4j-67h4\n5. https://vulncheck.com/advisories/vc-advisory-GHSA-227w-wv4j-67h4", "creation_timestamp": "2025-06-20T18:42:23.000000Z"}, {"uuid": "5caac75d-7e2a-4142-81e8-eb4b1abfe8d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23686", "type": "seen", "source": "https://t.me/ctinow/185829", "content": "https://ift.tt/BP6c9yg\nCVE-2024-23686 | DependencyCheck up to 9.0.5/9.0.6 on Maven/CLI/Ant Debug Mode log file (GHSA-qqhq-8r2c-c3f5)", "creation_timestamp": "2024-02-15T19:56:24.000000Z"}, {"uuid": "b42f264f-85fc-42d9-b96f-69a1b4747957", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23682", "type": "seen", "source": "https://t.me/ctinow/185642", "content": "https://ift.tt/XI0GEsS\nCVE-2024-23682 | Artemis Java Test Sandbox versions up to 1.7.x trust boundary violation (ID 15)", "creation_timestamp": "2024-02-15T15:56:49.000000Z"}, {"uuid": "97bcb5ab-0eb9-4fa3-a77f-0ab9f786eab4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23680", "type": "seen", "source": "https://t.me/ctinow/185687", "content": "https://ift.tt/kqz9tM3\nCVE-2024-23680 | Amazon AWS Encryption SDK for Java up to 1.9.0/2.2.0 ECDSA Signature signature verification (GHSA-55xh-53m6-936r)", "creation_timestamp": "2024-02-15T16:52:04.000000Z"}, {"uuid": "088ff45d-84de-4db3-b518-74be35da50a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23681", "type": "seen", "source": "https://t.me/ctinow/185831", "content": "https://ift.tt/4uLiwOB\nCVE-2024-23681 | Artemis Java Test Sandbox up to 1.11.1 sandbox (GHSA-98hq-4wmw-98w9)", "creation_timestamp": "2024-02-15T19:56:26.000000Z"}, {"uuid": "10a0a0a9-78a2-4ec5-963a-5798a97657dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23687", "type": "seen", "source": "https://t.me/ctinow/185830", "content": "https://ift.tt/2fDjhVQ\nCVE-2024-23687 | Folio mod-data-export-spring versions up to 1.5.3/2.0.1 API hard-coded credentials (GHSA-vf78-3q9f-92g3)", "creation_timestamp": "2024-02-15T19:56:25.000000Z"}, {"uuid": "9af0be56-5fa5-4c8a-954e-7e50cdd3b7d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23688", "type": "seen", "source": "https://t.me/ctinow/170465", "content": "https://ift.tt/23ISoQp\nCVE-2024-23688", "creation_timestamp": "2024-01-19T23:21:58.000000Z"}, {"uuid": "2288da8d-033f-4a80-ab40-8ff2acde191a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23688", "type": "seen", "source": "https://t.me/ctinow/185773", "content": "https://ift.tt/AylvtHn\nCVE-2024-23688 | Consensys Discovery up to 0.4.4 AES Handler/GCM nonce re-use (GHSA-w3hj-wr2q-x83g)", "creation_timestamp": "2024-02-15T18:57:04.000000Z"}, {"uuid": "7893a226-aae7-4ff6-b62b-0d948f23fba4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23684", "type": "seen", "source": "https://t.me/ctinow/185772", "content": "https://ift.tt/lUxwbnk\nCVE-2024-23684 | com.upokecenter.cbor up to 4.5.1 DecodeFromBytes algorithmic complexity (GHSA-fj2w-wfgv-mwq6)", "creation_timestamp": "2024-02-15T18:57:03.000000Z"}, {"uuid": "90056fc2-cb0a-458a-b44a-45e4be9282eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23689", "type": "seen", "source": "https://t.me/ctinow/185771", "content": "https://ift.tt/MY1XHdz\nCVE-2024-23689 | ClichHouse r2dbc/jdbc/client up to 0.4.5 information exposure (ID 1331)", "creation_timestamp": "2024-02-15T18:57:01.000000Z"}, {"uuid": "8a9b9c45-cfaf-493f-89e2-c7a1cde0d9f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23685", "type": "seen", "source": "https://t.me/ctinow/185770", "content": "https://ift.tt/JTSwZY4\nCVE-2024-23685 | mod-remote-storage up to 1.7.1/2.0.2 hard-coded credentials (GHSA-m8v7-469p-5x89)", "creation_timestamp": "2024-02-15T18:57:00.000000Z"}, {"uuid": "17758854-16c3-42c4-a6f4-0b5d7c521dad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23681", "type": "seen", "source": "https://t.me/ctinow/174446", "content": "https://ift.tt/XCt72QB\nCVE-2024-23681 Exploit", "creation_timestamp": "2024-01-26T20:16:26.000000Z"}, {"uuid": "f6d84e92-dac8-4a0b-bcfa-e2eb30eaf60e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23682", "type": "seen", "source": "https://t.me/ctinow/174445", "content": "https://ift.tt/8JFHvWq\nCVE-2024-23682 Exploit", "creation_timestamp": "2024-01-26T20:16:24.000000Z"}, {"uuid": "94472761-fb9e-4388-9935-ed6381cb6e9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23687", "type": "seen", "source": "https://t.me/ctinow/170464", "content": "https://ift.tt/MONyqnA\nCVE-2024-23687", "creation_timestamp": "2024-01-19T23:21:56.000000Z"}, {"uuid": "0a2ef19e-0e0c-4ac7-a4a8-fddfc6a09da0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23686", "type": "seen", "source": "https://t.me/ctinow/170463", "content": "https://ift.tt/LOs6UoM\nCVE-2024-23686", "creation_timestamp": "2024-01-19T23:21:55.000000Z"}, {"uuid": "689b2ae1-8185-403e-8b52-a3b687309f86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23683", "type": "seen", "source": "https://t.me/ctinow/174448", "content": "https://ift.tt/R53Y4lc\nCVE-2024-23683 Exploit", "creation_timestamp": "2024-01-26T20:16:28.000000Z"}, {"uuid": "87e42e5f-cab0-4b25-a17c-5a8574462d5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23689", "type": "seen", "source": "https://t.me/ctinow/174342", "content": "https://ift.tt/L16n8J3\nCVE-2024-23689 Exploit", "creation_timestamp": "2024-01-26T17:16:42.000000Z"}]}