{"vulnerability": "cve-2024-4064", "sightings": [{"uuid": "2c86a98d-5c18-4dcc-9532-6acf94636fda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40649", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113907583482056640", "content": "", "creation_timestamp": "2025-01-28T19:16:29.518638Z"}, {"uuid": "e2d79e4b-4af4-49de-b902-c2c03aeb600b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40649", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgtbifjefa2f", "content": "", "creation_timestamp": "2025-01-28T20:16:03.981797Z"}, {"uuid": "90dccb55-f17d-47b8-9832-90b05562b636", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40649", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113908418943656102", "content": "", "creation_timestamp": "2025-01-28T22:48:58.510545Z"}, {"uuid": "3a7433f1-d013-4258-bc37-7090320df0be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-40643", "type": "seen", "source": "https://blog.qwertysecurity.com/Articles/blog2.html", "content": "", "creation_timestamp": "2025-08-24T20:39:55.111831Z"}, {"uuid": "b556aa33-7626-4530-919a-1b6928a6a8ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40649", "type": "seen", "source": "https://t.me/cvedetector/16639", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40649 - Apache Linux Kernel Use-After-Free Local Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-40649 \nPublished : Jan. 
28, 2025, 8:15 p.m. | 1\u00a0hour, 24\u00a0minutes ago \nDescription : In TBD of TBD, there is a possible use-after-free due to a logic error in the code. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for exploitation. \nSeverity: 8.4 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-28T22:58:27.000000Z"}, {"uuid": "1e494693-44fb-4c68-8113-b01b57179309", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40643", "type": "seen", "source": "https://t.me/cvedetector/5109", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40643 - Joplin Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-40643 \nPublished : Sept. 9, 2024, 3:15 p.m. | 37\u00a0minutes ago \nDescription : Joplin is a free, open source note taking and to-do application. Joplin fails to take into account that \" Severity: 9.6 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-09T18:09:32.000000Z"}, {"uuid": "ae240e30-c6b5-45a2-ad89-b341f8c1b326", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40645", "type": "seen", "source": "https://t.me/cvedetector/2165", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40645 - Fog Remote File Include Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-40645 \nPublished : July 31, 2024, 7:15 p.m. 
| 32\u00a0minutes ago \nDescription : FOG is a cloning/imaging/rescue suite/inventory management system. An improperly restricted file upload feature allows authenticated users to execute arbitrary code on the fogproject server. The Rebranding feature has a check on the client banner image requiring it to be 650 pixels wide and 120 pixels high. Apart from that, there are no checks on things like file extensions. This can be abused by appending a PHP webshell to the end of the image and changing the extension to anything the PHP web server will parse. This vulnerability is fixed in 1.5.10.41. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-31T21:51:26.000000Z"}, {"uuid": "a350897c-8397-4a75-9b89-33445674c54f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40642", "type": "seen", "source": "https://t.me/cvedetector/1183", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40642 - Netty Incubator Binary HTTP Parser HTTP Entity Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-40642 \nPublished : July 18, 2024, 11:15 p.m. | 34\u00a0minutes ago \nDescription : The netty incubator codec.bhttp is a java language binary http parser. In affected versions the `BinaryHttpParser` class does not properly validate input values thus giving attackers almost complete control over the HTTP requests constructed from the parsed output. Attackers can abuse several issues individually to perform various injection attacks including HTTP request smuggling, desync attacks, HTTP header injections, request queue poisoning, caching attacks and Server Side Request Forgery (SSRF). 
Attacker could also combine several issues to create well-formed messages for other text-based protocols which may result in attacks beyond the HTTP protocol. The BinaryHttpParser class implements the readRequestHead method which performs most of the relevant parsing of the received request. The data structure prefixes values with a variable length integer value. The parsing code below first gets the lengths of the values from the prefixed variable length integer. After it has all of the lengths and calculates all of the indices, the parser casts the applicable slices of the ByteBuf to String. Finally, it passes these values into a new `DefaultBinaryHttpRequest` object where no further parsing or validation occurs. Method is partially validated while other values are not validated at all. Software that relies on netty to apply input validation for binary HTTP data may be vulnerable to various injection and protocol based attacks. This issue has been addressed in version 0.0.13.Final. Users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-19T01:59:29.000000Z"}, {"uuid": "a509cca0-4b00-4e08-922b-773c601560ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40648", "type": "seen", "source": "https://t.me/cvedetector/1163", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40648 - Matrix-Rust-SDK UserIdentity Verification Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-40648 \nPublished : July 18, 2024, 5:15 p.m. | 41\u00a0minutes ago \nDescription : matrix-rust-sdk is an implementation of a Matrix client-server library in Rust. 
The `UserIdentity::is_verified()` method in the matrix-sdk-crypto crate before version 0.7.2 doesn't take into account the verification status of the user's own identity while performing the check and may as a result return a value contrary to what is implied by its name and documentation. If the method is used to decide whether to perform sensitive operations towards a user identity, a malicious homeserver could manipulate the outcome in order to make the identity appear trusted. This is not a typical usage of the method, which lowers the impact. The method itself is not used inside the `matrix-sdk-crypto` crate. The 0.7.2 release of the `matrix-sdk-crypto` crate includes a fix. All users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-18T20:08:17.000000Z"}, {"uuid": "d41a3991-9652-4d19-a933-07f9df3148b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40644", "type": "seen", "source": "https://t.me/cvedetector/1164", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40644 - Gitoxide Windows Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-40644 \nPublished : July 18, 2024, 5:15 p.m. | 41\u00a0minutes ago \nDescription : gitoxide An idiomatic, lean, fast & safe pure Rust implementation of Git. `gix-path` can be tricked into running another `git.exe` placed in an untrusted location by a limited user account on Windows systems. Windows permits limited user accounts without administrative privileges to create new directories in the root of the system drive. 
While `gix-path` first looks for `git` using a `PATH` search, in version 0.10.8 it also has a fallback strategy on Windows of checking two hard-coded paths intended to be the 64-bit and 32-bit Program Files directories. Existing functions, as well as the newly introduced `exe_invocation` function, were updated to make use of these alternative locations. This causes facilities in `gix_path::env` to directly execute `git.exe` in those locations, as well as to return its path or whatever configuration it reports to callers who rely on it. Although unusual setups where the system drive is not `C:`, or even where Program Files directories have non-default names, are technically possible, the main problem arises on a 32-bit Windows system. Such a system has no `C:\\Program Files (x86)` directory. A limited user on a 32-bit Windows system can therefore create the `C:\\Program Files (x86)` directory and populate it with arbitrary contents. Once a payload has been placed at the second of the two hard-coded paths in this way, other user accounts including administrators will execute it if they run an application that uses `gix-path` and do not have `git` in a `PATH` directory. (While having `git` found in a `PATH` search prevents exploitation, merely having it installed in the default location under the real `C:\\Program Files` directory does not. This is because the first hard-coded path's `mingw64` component assumes a 64-bit installation.). Only Windows is affected. Exploitation is unlikely except on a 32-bit system. In particular, running a 32-bit build on a 64-bit system is not a risk factor. Furthermore, the attacker must have a user account on the system, though it may be a relatively unprivileged account. Such a user can perform privilege escalation and execute code as another user, though it may be difficult to do so reliably because the targeted user account must run an application or service that uses `gix-path` and must not have `git` in its `PATH`. 
The main exploitable configuration is one where Git for Windows has been installed but not added to `PATH`. This is one of the options in its installer, though not the default option. Alternatively, an affected program that sanitizes its `PATH` to remove seemingly nonessential directories could allow exploitation. But for the most part, if the target user has configured a `PATH` in which the real `git.exe` can be found, then this cannot be exploited. This issue has been addressed in release version 0.10.9 and all users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 6.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-18T20:08:21.000000Z"}, {"uuid": "6493e69e-9ea1-48a9-9d44-d582a2433482", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40647", "type": "seen", "source": "https://t.me/cvedetector/1160", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40647 - Sentry-SDK Environment Variable Exposure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-40647 \nPublished : July 18, 2024, 5:15 p.m. | 41\u00a0minutes ago \nDescription : sentry-sdk is the official Python SDK for Sentry.io. 
A bug in Sentry's Python SDK Severity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-18T20:08:15.000000Z"}, {"uuid": "735f703b-20d6-4a5a-89f2-0b1942ed8cd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40640", "type": "seen", "source": "https://t.me/cvedetector/1114", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40640 - Vodozemac Non-Constant Time Base64 vulnerability - Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-40640 \nPublished : July 17, 2024, 6:15 p.m. | 25\u00a0minutes ago \nDescription : vodozemac is an open source implementation of Olm and Megolm in pure Rust.  Versions before 0.7.0 of vodozemac use a non-constant time base64 implementation for importing key material for Megolm group sessions and `PkDecryption` Ed25519 secret keys. This flaw might allow an attacker to infer some information about the secret key material through a side-channel attack. The use of a non-constant time base64 implementation might allow an attacker to observe timing variations in the encoding and decoding operations of the secret key material. This could potentially provide insights into the underlying secret key material. The impact of this vulnerability is considered low because exploiting the attacker is required to have access to high precision timing measurements, as well as repeated access to the base64 encoding or decoding processes.  Additionally, the estimated leakage amount is bounded and low according to the referenced paper. This has been patched in commit 734b6c6948d4b2bdee3dd8b4efa591d93a61d272 which has been included in release version 0.7.0. Users are advised to upgrade. 
There are no known workarounds for this vulnerability. \nSeverity: 2.9 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T20:44:05.000000Z"}, {"uuid": "42cb84ec-c360-4bfb-93cc-f4d5dba76d1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40641", "type": "seen", "source": "https://t.me/cvedetector/1111", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40641 - Apache Nuclei Code Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-40641 \nPublished : July 17, 2024, 6:15 p.m. | 25\u00a0minutes ago \nDescription : Nuclei is a fast and customizable vulnerability scanner based on simple YAML based DSL.  In affected versions it a way to execute code template without -code option and signature has been discovered. Some web applications inherit from Nuclei and allow users to edit and execute workflow files. In this case, users can execute arbitrary commands. (Although, as far as I know, most web applications use -t to execute). This issue has been addressed in version 3.3.0. Users are advised to upgrade. There are no known workarounds for this vulnerability. 
\nSeverity: 7.4 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T20:44:02.000000Z"}, {"uuid": "691c9418-441c-4d44-974b-b9c2129b0b49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-40644", "type": "published-proof-of-concept", "source": "https://github.com/GitoxideLabs/gitoxide/security/advisories/GHSA-mgvv-9p9g-3jv4", "content": "", "creation_timestamp": "2024-07-18T06:48:17.000000Z"}, {"uuid": "a687f173-d40e-42aa-9cc3-72637da23976", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-40641", "type": "published-proof-of-concept", "source": "https://github.com/projectdiscovery/nuclei/security/advisories/GHSA-c3q9-c27p-cw9h", "content": "", "creation_timestamp": "2024-07-17T17:19:36.000000Z"}]}