{"vulnerability": "cve-2024-3014", "sightings": [{"uuid": "7311e543-4b18-4f43-b6a9-29273196ea53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-30140", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113440716985073235", "content": "", "creation_timestamp": "2024-11-07T08:26:12.016524Z"}, {"uuid": "c58c3bdd-b45d-4b58-9fdc-f079cd9bd341", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-30142", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113440859864892775", "content": "", "creation_timestamp": "2024-11-07T09:02:32.218064Z"}, {"uuid": "f4261b56-006c-4bce-a5eb-51bb474a1ba5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-30141", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113440761736865825", "content": "", "creation_timestamp": "2024-11-07T08:37:35.000645Z"}, {"uuid": "ad150ae4-aab9-481a-beac-66a0fdd52cf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-30143", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkc5tfijyn2w", "content": "", "creation_timestamp": "2025-03-13T22:36:09.151014Z"}, {"uuid": "41452bb7-37ec-4100-827c-b590f68ddb33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-30146", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14181", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-30146\n\ud83d\udd25 CVSS Score: 4.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper access control of endpoint in HCL Domino Leap\nallows certain admin users to import applications from the\nserver's filesystem.\n\ud83d\udccf Published: 2025-04-30T21:16:31.949Z\n\ud83d\udccf Modified: 2025-04-30T21:16:31.949Z\n\ud83d\udd17 References:\n1. https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120722", "creation_timestamp": "2025-04-30T22:14:15.000000Z"}, {"uuid": "382232fd-589f-47f5-a51f-0c7781c79c77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-30145", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lo37f4ymoi2o", "content": "", "creation_timestamp": "2025-05-01T01:56:09.097237Z"}, {"uuid": "86ff174d-b3d6-47d0-b9d8-aabfb1ba1e71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-30146", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lo37f5cvze2p", "content": "", "creation_timestamp": "2025-05-01T01:56:11.092309Z"}, {"uuid": "d787534c-241c-487d-85ec-e2e9d12496d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-30147", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13284", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-30147\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: Multiple vectors in HCL Leap allow client-side\nscript injection in the authoring environment and deployed applications.\n\ud83d\udccf Published: 2025-04-24T16:21:24.719Z\n\ud83d\udccf Modified: 2025-04-24T16:21:24.719Z\n\ud83d\udd17 References:\n1. https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0119900", "creation_timestamp": "2025-04-24T17:06:37.000000Z"}, {"uuid": "416faf7f-985e-40f1-9dc8-210edc51450d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-30148", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13285", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-30148\n\ud83d\udd25 CVSS Score: 4.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: Improper access control of endpoint in HCL Leap\nallows certain admin users to import applications from the\nserver's filesystem.\n\ud83d\udccf Published: 2025-04-24T16:10:00.714Z\n\ud83d\udccf Modified: 2025-04-24T16:10:00.714Z\n\ud83d\udd17 References:\n1. https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0119900", "creation_timestamp": "2025-04-24T17:06:38.000000Z"}, {"uuid": "2c94a7b4-3388-468f-ab21-862e885d4f5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-30143", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7442", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-30143\n\ud83d\udd25 CVSS Score: 4.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: HCL AppScan Traffic Recorder fails to adequately neutralize special characters within the filename, potentially allowing it to resolve to a location beyond the restricted directory. Potential exploits can completely disrupt or takeover the application or the computer where the application is running.\n\ud83d\udccf Published: 2025-03-13T17:34:50.161Z\n\ud83d\udccf Modified: 2025-03-13T17:34:50.161Z\n\ud83d\udd17 References:\n1. https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0117697\n2. https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0119824", "creation_timestamp": "2025-03-13T17:44:56.000000Z"}, {"uuid": "db03050a-f5d0-46c7-8709-667346155e63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-30145", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/14183", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-30145\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: Multiple vectors in HCL Domino Volt and Domino Leap allow client-side\nscript injection in the authoring environment and deployed applications.\n\ud83d\udccf Published: 2025-04-30T21:15:23.377Z\n\ud83d\udccf Modified: 2025-04-30T21:15:23.377Z\n\ud83d\udd17 References:\n1. https://support.hcl-software.com/csm?id=kb_article&sysparm_article=KB0120722", "creation_timestamp": "2025-04-30T22:14:20.000000Z"}, {"uuid": "a10c41e2-1ef1-4b25-9726-291e5cd1c80a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-30146", "type": "seen", "source": "https://t.me/cvedetector/24171", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-30146 - HCL Domino Leap Unauthenticated Server-Side File Inclusion\", \n  \"Content\": \"CVE ID : CVE-2024-30146 \nPublished : April 30, 2025, 10:15 p.m. | 1\u00a0hour, 52\u00a0minutes ago \nDescription : Improper access control of endpoint in HCL Domino Leap  \nallows certain admin users to import applications from the  \nserver's filesystem. \nSeverity: 4.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T02:17:30.000000Z"}, {"uuid": "d0482fab-eda7-4140-8889-de603bc83d7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-30147", "type": "seen", "source": "https://t.me/cvedetector/23699", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-30147 - \"Oracle HCL Leap Client-Side Script Injection Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-30147 \nPublished : April 24, 2025, 5:15 p.m. | 1\u00a0hour, 17\u00a0minutes ago \nDescription : Multiple vectors in HCL Leap allow client-side  \nscript injection in the authoring environment and deployed applications. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-24T20:35:34.000000Z"}, {"uuid": "3df3eb62-ce15-4a1e-a299-b170fecc4fc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-30145", "type": "seen", "source": "https://t.me/cvedetector/24170", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-30145 - IBM HCL Domino Volt and Domino Leap Client-Side Script Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-30145 \nPublished : April 30, 2025, 10:15 p.m. | 1\u00a0hour, 52\u00a0minutes ago \nDescription : Multiple vectors in HCL Domino Volt and Domino Leap allow client-side  \nscript injection in the authoring environment and deployed applications. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 May 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-05-01T02:17:29.000000Z"}, {"uuid": "5ca88424-23fb-4e31-8926-e2eaeed7a15c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-30143", "type": "seen", "source": "https://t.me/cvedetector/20256", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-30143 - HCL AppScan Path Traversal\", \n  \"Content\": \"CVE ID : CVE-2024-30143 \nPublished : March 13, 2025, 6:15 p.m. | 1\u00a0hour, 52\u00a0minutes ago \nDescription : HCL AppScan Traffic Recorder fails to adequately neutralize special characters within the filename, potentially allowing it to resolve to a location beyond the restricted directory. Potential exploits can completely disrupt or takeover the application or the computer where the application is running. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-13T21:28:49.000000Z"}, {"uuid": "062f46b2-18c7-43f8-b21b-07a03810d239", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-30149", "type": "seen", "source": "https://t.me/cvedetector/9495", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-30149 - HCL AppScan Source SSL Certificate Validation Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-30149 \nPublished : Oct. 31, 2024, 9:15 a.m. | 39\u00a0minutes ago \nDescription : HCL AppScan Source <=\nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-31T11:05:35.000000Z"}, {"uuid": "e4332bb0-20a5-42f6-95ee-ba97233a07e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-30142", "type": "seen", "source": "https://t.me/cvedetector/10061", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-30142 - HCL BigFix Compliance Cookie Insecure Storage Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-30142 \nPublished : Nov. 7, 2024, 9:15 a.m. | 46\u00a0minutes ago \nDescription : HCL BigFix Compliance is affected by a missing secure flag on a cookie.  If a secure flag is not set, cookies may be stolen by an attacker using XSS, resulting in unauthorized access or session cookies could be transferred over an unencrypted channel. \nSeverity: 3.8 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-07T11:04:06.000000Z"}, {"uuid": "a8ec08cf-2722-4084-8cc9-cce72735a4d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-30141", "type": "seen", "source": "https://t.me/cvedetector/10060", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-30141 - HCL BigFix Compliance Information Exposure\", \n  \"Content\": \"CVE ID : CVE-2024-30141 \nPublished : Nov. 7, 2024, 9:15 a.m. | 46\u00a0minutes ago \nDescription : HCL BigFix Compliance is vulnerable to the generation of error messages containing sensitive information.  Detailed error messages can provide enticement information or expose information about its environment, users, or associated data. \nSeverity: 4.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-07T11:04:05.000000Z"}, {"uuid": "5a70bad9-80af-4190-9e56-2b18ffd70f32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-30140", "type": "seen", "source": "https://t.me/cvedetector/10059", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-30140 - HCL BigFix Compliance Host Header Manipulationehler\", \n  \"Content\": \"CVE ID : CVE-2024-30140 \nPublished : Nov. 7, 2024, 9:15 a.m. | 46\u00a0minutes ago \nDescription : HCL BigFix Compliance is affected by unvalidated redirects and forwards.  The HOST header can be manipulated by an attacker and as a result, it can poison the web cache and provide back to users being served the page. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-07T11:04:04.000000Z"}]}