{"vulnerability": "cve-2024-2482", "sightings": [{"uuid": "c19f8137-52c5-4b02-b09d-2b067d311de1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24826", "type": "seen", "source": "https://github.blog/security/vulnerability-research/bugs-that-survive-the-heat-of-continuous-fuzzing/", "content": "", "creation_timestamp": "2025-12-29T21:01:14.000000Z"}, {"uuid": "b31629c4-ee7f-4972-a7ea-c8e68960b418", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2482", "type": "seen", "source": "https://t.me/arpsyndicate/4262", "content": "#ExploitObserverAlert\n\nCVE-2024-2482\n\nDESCRIPTION: Exploit Observer has 77 entries in 8 file formats related to CVE-2024-2482. A vulnerability has been found in Surya2Developer Hostel Management Service 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /check_availability.php of the component HTTP POST Request Handler. The manipulation of the argument oldpassword leads to observable response discrepancy. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256891.\n\nFIRST-EPSS: 0.000450000", "creation_timestamp": "2024-03-16T21:37:59.000000Z"}, {"uuid": "109a7cfd-0e4b-466c-ac41-c54cef53f151", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24827", "type": "seen", "source": "https://t.me/ctinow/209166", "content": "https://ift.tt/NneIs5y\nCVE-2024-24827", "creation_timestamp": "2024-03-15T21:26:16.000000Z"}, {"uuid": "e02247fd-4594-405a-b0d0-d5936aa7f03f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24828", "type": "seen", "source": "https://t.me/arpsyndicate/3387", "content": "#ExploitObserverAlert\n\nCVE-2024-24828\n\nDESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2024-24828. pkg is tool design to bundle Node.js projects into an executables. Any native code packages built by `pkg` are written to a hardcoded directory. On unix systems, this is `/tmp/pkg/*` which is a shared directory for all users on the same local system. There is no uniqueness to the package names within this directory, they are predictable. An attacker who has access to the same local system has the ability to replace the genuine executables in the shared directory with malicious executables of the same name. A user may then run the malicious executable without realising it has been modified. This package is deprecated. Therefore, there will not be a patch provided for this vulnerability. To check if your executable build by pkg depends on native code and is vulnerable, run the executable and check if `/tmp/pkg/` was created. Users should transition to actively maintained alternatives. We would recommend investigating Node.js 21\u2019s support for single executable applications. Given the decision to deprecate the pkg package, there are no official workarounds or remediations provided by our team. Users should prioritize migrating to other packages that offer similar functionality with enhanced security.\n\nFIRST-EPSS: 0.000430000", "creation_timestamp": "2024-02-11T13:28:55.000000Z"}, {"uuid": "236ca53c-02a3-4830-a826-c26014b43ec1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24820", "type": "seen", "source": "https://t.me/arpsyndicate/3414", "content": "#ExploitObserverAlert\n\nCVE-2024-24820\n\nDESCRIPTION: Exploit Observer has 6 entries in 2 file formats related to CVE-2024-24820. Icinga Director is a tool designed to make Icinga 2 configuration handling easy. Not any of Icinga Director's configuration forms used to manipulate the monitoring environment are protected against cross site request forgery (CSRF). It enables attackers to perform changes in the monitoring environment managed by Icinga Director without the awareness of the victim. Users of the map module in version 1.x, should immediately upgrade to v2.0. The mentioned XSS vulnerabilities in Icinga Web are already fixed as well and upgrades to the most recent release of the 2.9, 2.10 or 2.11 branch must be performed if not done yet. Any later major release is also suitable. Icinga Director will receive minor updates to the 1.8, 1.9, 1.10 and 1.11 branches to remedy this issue. Upgrade immediately to a patched release. If that is not feasible, disable the director module for the time being.\n\nFIRST-EPSS: 0.000440000", "creation_timestamp": "2024-02-11T14:55:43.000000Z"}, {"uuid": "839c621b-68d0-4a96-92c4-cf6716e639ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24827", "type": "seen", "source": "https://t.me/ctinow/209153", "content": "https://ift.tt/NneIs5y\nCVE-2024-24827", "creation_timestamp": "2024-03-15T21:22:03.000000Z"}, {"uuid": "e90af933-38b3-4e17-b444-ed82cf66c54d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24826", "type": "seen", "source": "https://t.me/ctinow/185264", "content": "https://ift.tt/4rFHezN\nCVE-2024-24826", "creation_timestamp": "2024-02-15T06:26:49.000000Z"}, {"uuid": "bf6120dc-6d00-4018-b8f5-7df82021df90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24823", "type": "seen", "source": "https://t.me/ctinow/198140", "content": "https://ift.tt/eobtqcf\nCVE-2024-24823 | Graylog2 Server up to 5.1.10/5.2.3 /api/system/sessions session fixiation (GHSA-3xf8-g8gr-g7rh)", "creation_timestamp": "2024-03-01T23:56:44.000000Z"}, {"uuid": "c8a15d90-8840-4184-b30b-5a1213808ef2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2482", "type": "seen", "source": "https://t.me/ctinow/208505", "content": "https://ift.tt/kUq2xbj\nCVE-2024-2482", "creation_timestamp": "2024-03-15T08:31:55.000000Z"}, {"uuid": "2580fd8e-8ae8-4d75-8dbd-0aaf4ed5f26e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2482", "type": "seen", "source": "https://t.me/ctinow/208497", "content": "https://ift.tt/kUq2xbj\nCVE-2024-2482", "creation_timestamp": "2024-03-15T08:26:09.000000Z"}, {"uuid": "5929cd4b-b147-4be5-ac53-440bf4afbc38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2482", "type": "seen", "source": "https://t.me/ctinow/208468", "content": "https://ift.tt/XkIwYyN\nCVE-2024-2482 | Surya2Developer Hostel Management Service 1.0 HTTP POST Request /check_availability.php oldpassword observable response discrepancy", "creation_timestamp": "2024-03-15T07:41:30.000000Z"}, {"uuid": "120db275-a2f4-47d1-9bbd-41fb9903e08b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24828", "type": "seen", "source": "https://t.me/ctinow/182360", "content": "https://ift.tt/PS9Odmv\nCVE-2024-24828", "creation_timestamp": "2024-02-10T00:21:30.000000Z"}, {"uuid": "81d0153d-c995-48d4-84b9-717f09529bf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24829", "type": "seen", "source": "https://t.me/ctinow/198398", "content": "https://ift.tt/LYhxn0Q\nCVE-2024-24829 | getsentry up to 24.1.1 server-side request forgery (GHSA-rqxh-fp9p-p98r)", "creation_timestamp": "2024-03-02T15:46:18.000000Z"}, {"uuid": "1092ec52-c26f-42c0-9205-17faf62e2e68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24821", "type": "seen", "source": "https://t.me/ctinow/198384", "content": "https://ift.tt/Dl3nJO1\nCVE-2024-24821 | Composer InstalledVersions.php unknown vulnerability", "creation_timestamp": "2024-03-02T15:16:42.000000Z"}, {"uuid": "ecbf6efe-cf2b-4d44-a0ce-b48b7d4859ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24825", "type": "seen", "source": "https://t.me/ctinow/198385", "content": "https://ift.tt/PvLlrcw\nCVE-2024-24825 | DIRAC prior 8.0.37 TokenManager permission", "creation_timestamp": "2024-03-02T15:16:43.000000Z"}, {"uuid": "f445c3d8-6325-41ec-affd-0fca2af5a7ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24828", "type": "seen", "source": "https://t.me/ctinow/198612", "content": "https://ift.tt/DAcez9s\nCVE-2024-24828 | pkg default permission (GHSA-22r3-9w55-cj54)", "creation_timestamp": "2024-03-03T09:16:26.000000Z"}, {"uuid": "2a9e8037-8682-4447-9371-8b769de099e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24822", "type": "seen", "source": "https://t.me/ctinow/198091", "content": "https://ift.tt/sow0czA\nCVE-2024-24822 | Pimcore admin-ui-classic-bundle up to 1.3.2 authorization", "creation_timestamp": "2024-03-01T23:26:40.000000Z"}, {"uuid": "5c88aadc-8d78-4260-b1c2-e17a207b7911", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24820", "type": "seen", "source": "https://t.me/ctinow/186725", "content": "https://ift.tt/ADvilON\nCVE-2024-24820 Exploit", "creation_timestamp": "2024-02-17T02:16:37.000000Z"}, {"uuid": "802a775b-a566-402f-a9c1-236a88cc65db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24828", "type": "seen", "source": "https://t.me/ctinow/185253", "content": "https://ift.tt/YoLcKaM\nCVE-2024-24828", "creation_timestamp": "2024-02-15T06:26:32.000000Z"}, {"uuid": "627f8785-3365-42f7-b192-c15c3bb283c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24829", "type": "seen", "source": "https://t.me/ctinow/181751", "content": "https://ift.tt/FfM5bEQ\nCVE-2024-24829", "creation_timestamp": "2024-02-09T01:21:44.000000Z"}, {"uuid": "5e5fa835-fb40-4f5b-8cfc-3caf27d8bbb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24824", "type": "seen", "source": "https://t.me/ctinow/185792", "content": "https://ift.tt/C76ANvn\nCVE-2024-24824 Exploit", "creation_timestamp": "2024-02-15T19:17:02.000000Z"}, {"uuid": "a676a21f-b968-4990-bb9d-cca122a0e445", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24826", "type": "seen", "source": "https://t.me/ctinow/183524", "content": "https://ift.tt/pq9MxD7\nCVE-2024-24826", "creation_timestamp": "2024-02-13T00:26:15.000000Z"}, {"uuid": "1bf1b144-a8cc-4233-9355-a223f36ca80e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24824", "type": "seen", "source": "https://t.me/ctinow/180911", "content": "https://ift.tt/c4RQ15g\nCVE-2024-24824", "creation_timestamp": "2024-02-07T19:21:45.000000Z"}, {"uuid": "515d4c76-9824-4cfe-9d25-d601a1344afa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24823", "type": "seen", "source": "https://t.me/ctinow/180910", "content": "https://ift.tt/FlqdISe\nCVE-2024-24823", "creation_timestamp": "2024-02-07T19:21:43.000000Z"}, {"uuid": "8bbeefb1-1a2b-442f-8ecf-80df6a49226e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24822", "type": "seen", "source": "https://t.me/ctinow/180909", "content": "https://ift.tt/yDiu5Yr\nCVE-2024-24822", "creation_timestamp": "2024-02-07T19:21:42.000000Z"}, {"uuid": "36d63484-c182-428b-ad07-f29d3f38053f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24820", "type": "seen", "source": "https://t.me/ctinow/181748", "content": "https://ift.tt/8t1UyCd\nCVE-2024-24820", "creation_timestamp": "2024-02-09T01:21:41.000000Z"}, {"uuid": "9ecec23d-9c90-44c5-a80c-99515b33a55d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24825", "type": "seen", "source": "https://t.me/ctinow/181750", "content": "https://ift.tt/LzWICxP\nCVE-2024-24825", "creation_timestamp": "2024-02-09T01:21:43.000000Z"}, {"uuid": "a6622209-1179-4ffd-afdf-9e14af4fd914", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24821", "type": "seen", "source": "https://t.me/ctinow/181749", "content": "https://ift.tt/oBryOba\nCVE-2024-24821", "creation_timestamp": "2024-02-09T01:21:42.000000Z"}, {"uuid": "69297f57-bc6a-4923-b9fb-3896738f4704", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-24824", "type": "published-proof-of-concept", "source": "https://github.com/Graylog2/graylog2-server/security/advisories/GHSA-p6gg-5hf4-4rgj", "content": "", "creation_timestamp": "2024-02-07T12:48:59.000000Z"}]}