{"vulnerability": "cve-2024-4574", "sightings": [{"uuid": "a5841929-3cd0-4ede-bdd5-da53a1222170", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45743", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mcz2blmhg42m", "content": "", "creation_timestamp": "2026-01-22T11:08:23.401801Z"}, {"uuid": "69e19003-02ed-4c01-af0c-e1bfecba6137", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45742", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mcz4iuaoay2n", "content": "", "creation_timestamp": "2026-01-22T11:48:14.965465Z"}, {"uuid": "d7881a23-3f73-480f-9c0d-4e70a5fe3674", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45741", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5867", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-45741\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108 and 9.1.2312.205, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could create a malicious payload through a custom configuration file that the \"api.uri\" parameter from the \"/manager/search/apps/local\" endpoint in Splunk Web calls. This could result in execution of unauthorized JavaScript code in the browser of a user.\n\ud83d\udccf Published: 2024-10-14T17:03:33.986Z\n\ud83d\udccf Modified: 2025-02-28T11:04:00.392Z\n\ud83d\udd17 References:\n1. https://advisory.splunk.com/advisories/SVD-2024-1011\n2. https://research.splunk.com/application/d7b5aa71-157f-4359-9c34-e35752b1d0a2/", "creation_timestamp": "2025-02-28T11:26:00.000000Z"}, {"uuid": "39f57f23-bf0f-4343-8ad0-a807b7b57475", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45740", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5874", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-45740\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could craft a malicious payload through Scheduled Views that could result in execution of unauthorized JavaScript code in the browser of a user.\n\ud83d\udccf Published: 2024-10-14T17:03:29.360Z\n\ud83d\udccf Modified: 2025-02-28T11:03:58.462Z\n\ud83d\udd17 References:\n1. https://advisory.splunk.com/advisories/SVD-2024-1010\n2. https://research.splunk.com/application/d4f55f7c-6518-4122-a197-951fe0f21b25/", "creation_timestamp": "2025-02-28T11:26:09.000000Z"}, {"uuid": "0a8ce439-cc41-49bc-86cb-b8313e960271", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45745", "type": "seen", "source": "Telegram/x2hj3mmGUD2hD_GM7DB9Fq4GKmiI1b9m6a_BL3BvwGwmlW1p", "content": "", "creation_timestamp": "2025-02-18T21:11:32.000000Z"}, {"uuid": "c59ba0bb-5784-41f0-bb6f-9869019c858c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45744", "type": "seen", "source": "Telegram/x2hj3mmGUD2hD_GM7DB9Fq4GKmiI1b9m6a_BL3BvwGwmlW1p", "content": "", "creation_timestamp": "2025-02-18T21:11:32.000000Z"}, {"uuid": "46d978c1-577f-4da2-9ea1-adeb857ee2d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45741", "type": "seen", "source": "https://t.me/cvedetector/7829", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45741 - Splunk Enterprise/Cloud JavaScript Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45741 \nPublished : Oct. 14, 2024, 5:15 p.m. | 38\u00a0minutes ago \nDescription : In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403.108 and 9.1.2312.205, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could create a malicious payload through a custom configuration file that the \"api.uri\" parameter from the \"/manager/search/apps/local\" endpoint in Splunk Web calls. This could result in execution of unauthorized JavaScript code in the browser of a user. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-14T20:01:13.000000Z"}, {"uuid": "484a7a95-afed-45b1-95f2-4d8783c3795a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45740", "type": "seen", "source": "https://t.me/cvedetector/7827", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45740 - Splunk Enterprise/Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-45740 \nPublished : Oct. 14, 2024, 5:15 p.m. | 38\u00a0minutes ago \nDescription : In Splunk Enterprise versions below 9.2.3 and 9.1.6 and Splunk Cloud Platform versions below 9.2.2403, a low-privileged user that does not hold the \"admin\" or \"power\" Splunk roles could craft a malicious payload through Scheduled Views that could result in execution of unauthorized JavaScript code in the browser of a user. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-14T20:01:11.000000Z"}, {"uuid": "ffd0665c-180c-4ad5-a93b-ddd82527ae5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45746", "type": "seen", "source": "https://t.me/cvedetector/7512", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45746 - Apache Software Foundation Trusted Firmware-M Unchecked Pointer Write Vulnerability (RCE)\", \n  \"Content\": \"CVE ID : CVE-2024-45746 \nPublished : Oct. 9, 2024, 5:15 p.m. | 28\u00a0minutes ago \nDescription : An issue was discovered in Trusted Firmware-M through 2.1.0. User provided (and controlled) mailbox messages contain a pointer to a list of input arguments (in_vec) and output arguments (out_vec). These list pointers are never validated. Each argument list contains a buffer pointer and a buffer length field. After a PSA call, the length of the output arguments behind the unchecked pointer is updated in mailbox_direct_reply, regardless of the call result. This allows an attacker to write anywhere in the secure firmware, which can be used to take over the control flow, leading to remote code execution (RCE). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-09T19:50:25.000000Z"}, {"uuid": "70bcbfe8-8f5e-4907-8c75-f861f6ceb3d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45745", "type": "seen", "source": "https://t.me/cvedetector/6553", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45744 - TopQuadrant TopBraid EDG External Credential Insecure Storage\", \n  \"Content\": \"CVE ID : CVE-2024-45744 \nPublished : Sept. 27, 2024, 4:15 p.m. | 38\u00a0minutes ago \nDescription : TopQuadrant TopBraid EDG stores external credentials insecurely. An authenticated attacker with file system access can read edg-setup.properites and obtain the secret to decrypt external passwords stored in edg-vault.properties. An authenticated attacker could gain file system access using a separate vulnerability such as CVE-2024-45745.   \nAt least version 7.1.3 is affected. Version 7.3 adds HashiCorp Vault integration that does not store external passwords locally. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-27T19:14:40.000000Z"}, {"uuid": "623c5901-d830-4849-a435-29039e1f1617", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45744", "type": "seen", "source": "https://t.me/cvedetector/6553", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45744 - TopQuadrant TopBraid EDG External Credential Insecure Storage\", \n  \"Content\": \"CVE ID : CVE-2024-45744 \nPublished : Sept. 27, 2024, 4:15 p.m. | 38\u00a0minutes ago \nDescription : TopQuadrant TopBraid EDG stores external credentials insecurely. An authenticated attacker with file system access can read edg-setup.properites and obtain the secret to decrypt external passwords stored in edg-vault.properties. An authenticated attacker could gain file system access using a separate vulnerability such as CVE-2024-45745.   \nAt least version 7.1.3 is affected. Version 7.3 adds HashiCorp Vault integration that does not store external passwords locally. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-27T19:14:40.000000Z"}, {"uuid": "6a074f9d-2126-4056-a0fa-d85ba04fe0cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45745", "type": "seen", "source": "https://t.me/cvedetector/6551", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45745 - TopQuadrant TopBraid EDG XML External Entity (XXE)\", \n  \"Content\": \"CVE ID : CVE-2024-45745 \nPublished : Sept. 27, 2024, 4:15 p.m. | 38\u00a0minutes ago \nDescription : TopQuadrant TopBraid EDG before version 8.0.1 allows an authenticated attacker to upload an XML DTD file and execute JavaScript to read local files or access URLs (XXE). Fixed in 8.0.1 (bug fix: TBS-6721). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-27T19:14:39.000000Z"}]}