{"vulnerability": "cve-2024-2478", "sightings": [{"uuid": "f2e1b9e6-60fb-4b90-879f-d617d03317e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24789", "type": "seen", "source": "https://bsky.app/profile/securitylab-jp.bsky.social/post/3lqtgw6dhi22u", "content": "", "creation_timestamp": "2025-06-05T04:05:14.816533Z"}, {"uuid": "a3bff226-036b-4243-a293-fb1e42c27307", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24780", "type": "seen", "source": "https://seclists.org/oss-sec/2025/q2/140", "content": "", "creation_timestamp": "2025-05-14T00:46:21.000000Z"}, {"uuid": "d4994aa4-62c2-4068-b846-af4b1d1c8679", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24780", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp4tn434y4j2", "content": "", "creation_timestamp": "2025-05-14T10:59:53.434440Z"}, {"uuid": "b16a447d-5320-4d80-aee3-338b699b7f37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24780", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lp4yxlhcq62t", "content": "", "creation_timestamp": "2025-05-14T12:31:40.412323Z"}, {"uuid": "25fc0293-f010-4890-a2a2-e0d6d38c5c22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24780", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp5gqage3p2h", "content": "", "creation_timestamp": "2025-05-14T16:38:08.417798Z"}, {"uuid": "6f6013c5-7785-4f9a-99d3-18ed9508a033", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24780", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lpb2zvjy7k2m", "content": "", "creation_timestamp": "2025-05-16T03:19:24.965604Z"}, {"uuid": "c299aff2-0ace-45c1-9f65-bb7cf2fe850c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24786", "type": "seen", "source": "https://gist.github.com/gnanirahulnutakki/1c110c0c96dc914ad7e75924b4f8246b", "content": "", "creation_timestamp": "2026-01-31T00:26:39.000000Z"}, {"uuid": "d7569514-56f7-4da6-a638-163f2b1960a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24780", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16300", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-24780\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Remote Code Execution with untrusted URI of UDF vulnerability in Apache IoTDB. The attacker who has\u00a0privilege to create UDF can register malicious function from\u00a0untrusted URI.\n\nThis issue affects Apache IoTDB: from 1.0.0 before 1.3.4.\n\nUsers are recommended to upgrade to version 1.3.4, which fixes the issue.\n\ud83d\udccf Published: 2025-05-14T10:42:20.580Z\n\ud83d\udccf Modified: 2025-05-14T11:03:09.771Z\n\ud83d\udd17 References:\n1. https://lists.apache.org/thread/xphtm98v3zsk9vlpfh481m1ry2ctxvmj", "creation_timestamp": "2025-05-14T11:31:21.000000Z"}, {"uuid": "c666911d-023c-449d-866d-1855bc1a20ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24787", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7262", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-24787 Proof of Concept\nURL\uff1ahttps://github.com/LOURC0D3/CVE-2024-24787-PoC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-10T07:52:36.000000Z"}, {"uuid": "e759f3cf-e4fd-4a94-bf6b-465e2041bdb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24787", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/237", "content": "\u200aCVE-2024-24787 (CVSS 9.8): Go Vulnerability Could Lead to Code Execution\n\nhttps://securityonline.info/cve-2024-24787-cvss-9-8-go-vulnerability-could-lead-to-code-execution/", "creation_timestamp": "2024-05-09T15:03:39.000000Z"}, {"uuid": "462fc1b6-b98f-437c-9b62-2d890c3832f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24786", "type": "seen", "source": "https://t.me/arpsyndicate/4821", "content": "#ExploitObserverAlert\n\nCVE-2024-24786\n\nDESCRIPTION: Exploit Observer has 504 entries in 33 file formats related to CVE-2024-24786. The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.\n\nFIRST-EPSS: 0.000450000\nARPS-PRIORITY: 0.9738394", "creation_timestamp": "2024-04-24T21:18:10.000000Z"}, {"uuid": "e74794ce-1880-44a7-b52a-740700f277b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24786", "type": "seen", "source": "https://t.me/arpsyndicate/4661", "content": "#ExploitObserverAlert\n\nCVE-2024-24786\n\nDESCRIPTION: Exploit Observer has 18 entries in 5 file formats related to CVE-2024-24786. The protojson.Unmarshal function can enter an infinite loop when unmarshaling certain forms of invalid JSON. This condition can occur when unmarshaling into a message which contains a google.protobuf.Any value, or when the UnmarshalOptions.DiscardUnknown option is set.\n\nFIRST-EPSS: 0.000450000\nARPS-EXPLOITABILITY: 0.7602171", "creation_timestamp": "2024-04-13T13:27:17.000000Z"}, {"uuid": "6752d3ef-6567-48c2-8008-c5c4c7999fed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24783", "type": "seen", "source": "https://t.me/arpsyndicate/4125", "content": "#ExploitObserverAlert\n\nCVE-2024-24783\n\nDESCRIPTION: Exploit Observer has 4 entries in 2 file formats related to CVE-2024-24783. Verifying a certificate chain which contains a certificate with an unknown public key algorithm will cause Certificate.Verify to panic. This affects all crypto/tls clients, and servers that set Config.ClientAuth to VerifyClientCertIfGiven or RequireAndVerifyClientCert. The default behavior is for TLS servers to not verify client certificates.\n\nFIRST-EPSS: 0.000450000", "creation_timestamp": "2024-03-07T08:19:04.000000Z"}, {"uuid": "0a01e95c-8e80-4e74-bd0f-bd4e9e27a4f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2478", "type": "seen", "source": "https://t.me/arpsyndicate/4266", "content": "#ExploitObserverAlert\n\nCVE-2024-2478\n\nDESCRIPTION: Exploit Observer has 88 entries in 8 file formats related to CVE-2024-2478. A vulnerability was found in BradWenqiang HR 2.0. It has been rated as critical. Affected by this issue is the function selectAll of the file /bishe/register of the component Background Management. The manipulation of the argument userName leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-256886 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n\nFIRST-EPSS: 0.000450000", "creation_timestamp": "2024-03-16T21:58:03.000000Z"}, {"uuid": "025e86e6-b37a-477f-acf1-ec24a69f3262", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24785", "type": "seen", "source": "https://t.me/arpsyndicate/4888", "content": "#ExploitObserverAlert\n\nCVE-2024-24785\n\nDESCRIPTION: Exploit Observer has 13 entries in 4 file formats related to CVE-2024-24785. If errors returned from MarshalJSON methods contain user controlled data, they may be used to break the contextual auto-escaping behavior of the html/template package, allowing for subsequent actions to inject unexpected content into templates.\n\nFIRST-EPSS: 0.000450000\nARPS-PRIORITY: 0.770344", "creation_timestamp": "2024-04-26T05:30:54.000000Z"}, {"uuid": "f97ae614-35bc-48c5-a414-13796114d54a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24785", "type": "seen", "source": "https://t.me/ctinow/200993", "content": "https://ift.tt/Q56gf0I\nCVE-2024-24785", "creation_timestamp": "2024-03-06T04:41:46.000000Z"}, {"uuid": "0f771046-01bf-4c2c-be28-39f3e778cc63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2478", "type": "seen", "source": "https://t.me/ctinow/208457", "content": "https://ift.tt/1eQNVgR\nCVE-2024-2478", "creation_timestamp": "2024-03-15T07:21:39.000000Z"}, {"uuid": "bb5a296f-614f-4107-94bd-2f3edc140cef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2478", "type": "seen", "source": "https://t.me/ctinow/208462", "content": "https://ift.tt/1eQNVgR\nCVE-2024-2478", "creation_timestamp": "2024-03-15T07:26:37.000000Z"}, {"uuid": "5bca0f76-1af9-4525-9287-36f9385c7db3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24783", "type": "seen", "source": "https://t.me/ctinow/200995", "content": "https://ift.tt/YBF42bu\nCVE-2024-24783", "creation_timestamp": "2024-03-06T04:41:49.000000Z"}, {"uuid": "01b60bf2-46ea-4292-a3fb-0a7afa0a2a82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24784", "type": "seen", "source": "https://t.me/ctinow/200994", "content": "https://ift.tt/5wPnreX\nCVE-2024-24784", "creation_timestamp": "2024-03-06T04:41:48.000000Z"}, {"uuid": "0dba66a6-2415-4d0e-9a70-7dc4d04e67a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24786", "type": "seen", "source": "https://t.me/ctinow/201089", "content": "https://ift.tt/rmdb7Av\nCVE-2024-24786", "creation_timestamp": "2024-03-06T08:21:39.000000Z"}, {"uuid": "5a4b5c1a-b45f-4951-8f5c-7c19da3f2ccb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24783", "type": "seen", "source": "https://t.me/ctinow/200859", "content": "https://ift.tt/rPtmRL4\nCVE-2024-24783", "creation_timestamp": "2024-03-06T00:26:46.000000Z"}, {"uuid": "7d93ed3d-eb85-4290-bae3-96250bdae1e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24786", "type": "seen", "source": "https://t.me/ctinow/200862", "content": "https://ift.tt/PMFxpr5\nCVE-2024-24786", "creation_timestamp": "2024-03-06T00:26:52.000000Z"}, {"uuid": "7d3d7134-5255-4276-81a7-be1b7cdba41c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24785", "type": "seen", "source": "https://t.me/ctinow/200861", "content": "https://ift.tt/QvD980l\nCVE-2024-24785", "creation_timestamp": "2024-03-06T00:26:51.000000Z"}, {"uuid": "8240471a-aa06-4fbc-b252-14bdcd8f7beb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24784", "type": "seen", "source": "https://t.me/ctinow/200860", "content": "https://ift.tt/dYCnmuR\nCVE-2024-24784", "creation_timestamp": "2024-03-06T00:26:47.000000Z"}, {"uuid": "28609aeb-181b-49ab-b19e-cf4a2c08a25b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24782", "type": "seen", "source": "https://t.me/ctinow/199086", "content": "https://ift.tt/Cwx6ZSX\nCVE-2024-24782 | HIMA X-CPU 31 Ping Request origin validation (VDE-2024-013)", "creation_timestamp": "2024-03-04T08:41:30.000000Z"}, {"uuid": "9b711e8e-3dcd-40f7-9b85-37a8e67b2396", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24781", "type": "seen", "source": "https://t.me/ctinow/199085", "content": "https://ift.tt/FdgscaO\nCVE-2024-24781 | HIMA X-SB 01 Ethernet Port resource consumption (VDE-2024-013)", "creation_timestamp": "2024-03-04T08:41:29.000000Z"}, {"uuid": "023ed9b1-0e15-4139-a3d7-b3063df41cf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24782", "type": "seen", "source": "https://t.me/ctinow/183872", "content": "https://ift.tt/TsbMaZS\nCVE-2024-24782", "creation_timestamp": "2024-02-13T15:22:08.000000Z"}, {"uuid": "e8423191-82dc-4b3e-ba78-e1a27728c82e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24781", "type": "seen", "source": "https://t.me/ctinow/183871", "content": "https://ift.tt/L1zGCrs\nCVE-2024-24781", "creation_timestamp": "2024-02-13T15:22:07.000000Z"}, {"uuid": "732271af-d5f1-4afb-af8f-6fce2d1ee762", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24787", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2455", "content": "https://github.com/LOURC0D3/CVE-2024-24787-PoC\n\nCVE-2024-24787 Proof of Concept\n#github #poc", "creation_timestamp": "2024-05-10T19:29:03.000000Z"}]}