{"vulnerability": "cve-2024-4689", "sightings": [{"uuid": "59109f01-696c-41d7-b70c-f98fe96f5102", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46890", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113470191456641348", "content": "", "creation_timestamp": "2024-11-12T13:21:56.944562Z"}, {"uuid": "1f8d30bb-c6ce-49e0-b3ec-4cb96832c46d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46891", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113470250459336382", "content": "", "creation_timestamp": "2024-11-12T13:36:57.237382Z"}, {"uuid": "19953110-7334-416a-990e-ef836d554615", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46892", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113470250493627734", "content": "", "creation_timestamp": "2024-11-12T13:36:57.673451Z"}, {"uuid": "42179784-2635-4fa6-af37-4820d2547fea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46894", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113470250508542440", "content": "", "creation_timestamp": "2024-11-12T13:36:58.066822Z"}, {"uuid": "e20aeebe-c9e1-4876-bc30-bd78fca3bd84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46890", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-08", "content": "", "creation_timestamp": "2024-11-14T12:00:00.000000Z"}, {"uuid": "425f15a5-3244-4d69-b68d-b104bb84a32a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46891", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-08", "content": "", "creation_timestamp": "2024-11-14T12:00:00.000000Z"}, {"uuid": "58395587-016b-4e72-aec4-6c26e61d3006", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46892", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-08", "content": "", "creation_timestamp": "2024-11-14T12:00:00.000000Z"}, {"uuid": "5bc9678e-e634-4f72-bc6c-fba7c295d9ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46894", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-08", "content": "", "creation_timestamp": "2024-11-14T12:00:00.000000Z"}, {"uuid": "16fc14fe-6f7e-4116-8b3f-df01afd0dbe7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46896", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfhs3cxrvb2l", "content": "", "creation_timestamp": "2025-01-11T13:15:50.145789Z"}, {"uuid": "a9ad2a6b-cf41-4f27-badb-0c0224a60d5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46899", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnf4gmbxib2t", "content": "", "creation_timestamp": "2025-04-22T07:04:42.220787Z"}, {"uuid": "e425d90d-2ee7-4629-9d4b-ee58b6b05808", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46899", "type": "seen", "source": "MISP/abd2a650-703d-4a2f-9f73-3051c1672e27", "content": "", "creation_timestamp": "2025-08-11T18:47:36.000000Z"}, {"uuid": "16a2558d-726a-4ddf-8754-d7dcd808aca3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46895", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp3hogyqzry2", "content": "", "creation_timestamp": "2025-05-13T22:08:56.882695Z"}, {"uuid": "fddb8e84-9894-419e-84be-e0eb7d02d6d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46899", "type": "seen", "source": "MISP/abd2a650-703d-4a2f-9f73-3051c1672e27", "content": "", "creation_timestamp": "2025-08-09T13:26:56.000000Z"}, {"uuid": "9fb6e8fc-3df5-4699-96fa-4e8776914c3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46896", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1315", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-46896\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdgpu: don't access invalid sched\n\nSince 2320c9e6a768 (\"drm/sched: memset() 'job' in drm_sched_job_init()\")\naccessing job->base.sched can produce unexpected results as the initialisation\nof (*job)->base.sched done in amdgpu_job_alloc is overwritten by the\nmemset.\n\nThis commit fixes an issue when a CS would fail validation and would\nbe rejected after job->num_ibs is incremented. In this case,\namdgpu_ib_free(ring->adev, ...) will be called, which would crash the\nmachine because the ring value is bogus.\n\nTo fix this, pass a NULL pointer to amdgpu_ib_free(): we can do this\nbecause the device is actually not used in this function.\n\nThe next commit will remove the ring argument completely.\n\n(cherry picked from commit 2ae520cb12831d264ceb97c61f72c59d33c0dbd7)\n\ud83d\udccf Published: 2025-01-11T12:35:34.351Z\n\ud83d\udccf Modified: 2025-01-11T12:35:34.351Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/65501a4fd84ecdc0af863dbb37759242aab9f2dd\n2. https://git.kernel.org/stable/c/da6b2c626ae73c303378ce9eaf6e3eaf16c9925a\n3. https://git.kernel.org/stable/c/67291d601f2b032062b1b2f60ffef1b63e10094c\n4. https://git.kernel.org/stable/c/a93b1020eb9386d7da11608477121b10079c076a", "creation_timestamp": "2025-01-11T13:06:52.000000Z"}, {"uuid": "d0239563-14b3-428f-b95f-7747255ea6f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46899", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12803", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-46899\n\ud83d\udd25 CVSS Score: 7.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N)\n\ud83d\udd39 Description: Hitachi Ops Center Common Services within Hitachi Ops Center Analyzer viewpoint OVF contains an authentication credentials leakage vulnerability.This issue affects Hitachi Ops Center Common Services: from 10.0.0-00 before 11.0.0-04; Hitachi Ops Center Analyzer viewpoint OVF: from 10.0.0-00 before 11.0.0-04.\n\ud83d\udccf Published: 2025-04-22T04:12:56.387Z\n\ud83d\udccf Modified: 2025-04-22T04:12:56.387Z\n\ud83d\udd17 References:\n1. https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2025-111/index.html", "creation_timestamp": "2025-04-22T05:03:17.000000Z"}, {"uuid": "03179845-893b-4ed3-bbb6-596010f00950", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46895", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16242", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-46895\n\ud83d\udd25 CVSS Score: 5.4 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Uncontrolled search path for some Intel(R) Arc\u2122 & Iris(R) Xe graphics software before version 32.0.101.6083/32.0.101.5736 may allow an authenticated user to potentially enable escalation of privilege via local access.\n\ud83d\udccf Published: 2025-05-13T21:03:16.840Z\n\ud83d\udccf Modified: 2025-05-13T21:03:16.840Z\n\ud83d\udd17 References:\n1. https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01253.html", "creation_timestamp": "2025-05-13T21:31:01.000000Z"}, {"uuid": "9525888d-c5d6-4b73-aff2-446eadd53200", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46894", "type": "seen", "source": "https://t.me/cvedetector/10608", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46894 - SINEC INS Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-46894 \nPublished : Nov. 12, 2024, 1:15 p.m. | 21\u00a0minutes ago \nDescription : A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate authorization of a user to query the \"/api/sftp/users\" endpoint. This could allow an authenticated remote attacker to gain knowledge about the list of configured users of the SFTP service and also modify that configuration. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T14:41:44.000000Z"}, {"uuid": "5fa86187-f3dd-4d72-8c99-c69aff3e6fc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46899", "type": "seen", "source": "https://t.me/cvedetector/23481", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46899 - Hitachi Ops Center Analyzer Viewpoint OVF Authentication Credentials Leakage Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-46899 \nPublished : April 22, 2025, 5:15 a.m. | 36\u00a0minutes ago \nDescription : Hitachi Ops Center Common Services within Hitachi Ops Center Analyzer viewpoint OVF contains an authentication credentials leakage vulnerability.This issue affects Hitachi Ops Center Common Services: from 10.0.0-00 before 11.0.0-04; Hitachi Ops Center Analyzer viewpoint OVF: from 10.0.0-00 before 11.0.0-04. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-22T08:22:14.000000Z"}, {"uuid": "2ad67b04-5972-4d56-8b8d-25c90247c34f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46892", "type": "seen", "source": "https://t.me/cvedetector/10613", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46892 - SINEC INS Session Token Invalidation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-46892 \nPublished : Nov. 12, 2024, 1:15 p.m. | 21\u00a0minutes ago \nDescription : A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly invalidate sessions when the associated user is deleted or disabled or their permissions are modified. This could allow an authenticated attacker to continue performing malicious actions even after their user account has been disabled. \nSeverity: 4.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T14:41:51.000000Z"}, {"uuid": "3e5172c4-937e-4be5-97bc-a6882ccdebbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46891", "type": "seen", "source": "https://t.me/cvedetector/10612", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46891 - SINEC INS Denial of Service Log File Exhaustion\", \n  \"Content\": \"CVE ID : CVE-2024-46891 \nPublished : Nov. 12, 2024, 1:15 p.m. | 21\u00a0minutes ago \nDescription : A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly restrict the size of generated log files. This could allow an unauthenticated remote attacker to trigger a large amount of logged events to exhaust the system's resources and create a denial of service condition. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T14:41:50.000000Z"}, {"uuid": "79d2653c-c290-4283-b44d-ad454b103870", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46890", "type": "seen", "source": "https://t.me/cvedetector/10611", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46890 - SINEC INS Remote Code Execution (RCE)\", \n  \"Content\": \"CVE ID : CVE-2024-46890 \nPublished : Nov. 12, 2024, 1:15 p.m. | 21\u00a0minutes ago \nDescription : A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected application does not properly validate input sent to specific endpoints of its web API. This could allow an authenticated remote attacker with high privileges on the application to execute arbitrary code on the underlying OS. \nSeverity: 9.1 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T14:41:50.000000Z"}, {"uuid": "540571f8-11b9-4674-a38f-72cb436fa55e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46897", "type": "seen", "source": "https://t.me/cvedetector/8292", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46897 - Exment Unauthenticated Table Management Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-46897 \nPublished : Oct. 18, 2024, 6:15 a.m. | 40\u00a0minutes ago \nDescription : Incorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. A logged-in user with the permission of table management may obtain and/or alter the information of the unauthorized table. \nSeverity: 3.8 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-18T09:23:23.000000Z"}, {"uuid": "702ed07e-38ed-40da-920d-6bc938afe983", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46898", "type": "seen", "source": "https://t.me/cvedetector/7885", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46898 - SHIRASAGI HTTP Request Path Traversal\", \n  \"Content\": \"CVE ID : CVE-2024-46898 \nPublished : Oct. 15, 2024, 7:15 a.m. | 38\u00a0minutes ago \nDescription : SHIRASAGI prior to v1.19.1 processes URLs in HTTP requests improperly, resulting in a path traversal vulnerability. If this vulnerability is exploited, arbitrary files on the server may be retrieved when processing crafted HTTP requests. \nSeverity: 8.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-15T10:14:46.000000Z"}]}