{"vulnerability": "cve-2024-4701", "sightings": [{"uuid": "468c4e41-2a92-4d58-9143-3452d2efaccd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47010", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-24-1326/", "content": "", "creation_timestamp": "2024-10-08T05:00:00.000000Z"}, {"uuid": "c94c2b95-eb59-4487-b1c2-2bd7a718826b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47011", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-24-1327/", "content": "", "creation_timestamp": "2024-10-08T05:00:00.000000Z"}, {"uuid": "156edec3-d67a-41c4-b309-bebe06cd5637", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47011", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpquypfex2f", "content": "", "creation_timestamp": "2025-01-14T17:15:42.514634Z"}, {"uuid": "96563f5d-4135-4587-a183-b49bb7b3d915", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47010", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpqv32avd2c", "content": "", "creation_timestamp": "2025-01-14T17:15:44.810501Z"}, {"uuid": "d2463466-3269-42af-af38-71a6f135d309", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47011", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1532", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13180\n\ud83d\udd39 Description: Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to leak sensitive information. This CVE addresses incomplete fixes from CVE-2024-47011.\n\ud83d\udccf Published: 2025-01-14T16:52:41.501Z\n\ud83d\udccf Modified: 2025-01-14T16:52:41.501Z\n\ud83d\udd17 References:\n1. https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-6-4-7-Multiple-CVEs", "creation_timestamp": "2025-01-14T17:21:13.000000Z"}, {"uuid": "3cd0f09b-9957-42ee-9980-78d7ac3544a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47010", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1529", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13181\n\ud83d\udd39 Description: Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication. This CVE addresses incomplete fixes from CVE-2024-47010.\n\ud83d\udccf Published: 2025-01-14T16:53:36.325Z\n\ud83d\udccf Modified: 2025-01-14T16:53:36.325Z\n\ud83d\udd17 References:\n1. https://forums.ivanti.com/s/article/Security-Advisory-Ivanti-Avalanche-6-4-7-Multiple-CVEs", "creation_timestamp": "2025-01-14T17:21:04.000000Z"}, {"uuid": "955f2fa7-961a-443d-a5ec-b311055d2cb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4701", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7291", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPOC for CVE-2024-4701\nURL\uff1ahttps://github.com/JoeBeeton/CVE-2024-4701-POC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-05-13T12:01:15.000000Z"}, {"uuid": "673f5b2a-2bcb-4b13-b307-5202ce15e889", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47010", "type": "seen", "source": "https://t.me/cvedetector/15308", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13181 - Ivanti Avalanche Path Traversal Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-13181 \nPublished : Jan. 14, 2025, 5:15 p.m. | 36\u00a0minutes ago \nDescription : Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to bypass authentication. This CVE addresses incomplete fixes from CVE-2024-47010. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-14T19:01:23.000000Z"}, {"uuid": "917100b4-2b49-4522-b9e9-363cd8876393", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47011", "type": "seen", "source": "https://t.me/cvedetector/15307", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13180 - Ivanti Avalanche Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13180 \nPublished : Jan. 14, 2025, 5:15 p.m. | 36\u00a0minutes ago \nDescription : Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker to leak sensitive information. This CVE addresses incomplete fixes from CVE-2024-47011. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-14T19:01:22.000000Z"}, {"uuid": "25201ffb-d2c8-459a-99b1-73dca1362349", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47014", "type": "seen", "source": "https://t.me/cvedetector/8934", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47014 - Cache Publishing CMS Server-Side Request Forgery (SSRF)\", \n  \"Content\": \"CVE ID : CVE-2024-47014 \nPublished : Oct. 25, 2024, 11:15 a.m. | 24\u00a0minutes ago \nDescription : N/A \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-25T13:44:33.000000Z"}, {"uuid": "8fe4d98c-771c-4ecd-865b-5d5814e64e16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47015", "type": "seen", "source": "https://t.me/cvedetector/8933", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47015 - Qualcomm Snapdragon ProtocolMisc Hw Config Change Adapter Out-of-Bounds Read Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-47015 \nPublished : Oct. 25, 2024, 11:15 a.m. | 24\u00a0minutes ago \nDescription : In ProtocolMiscHwConfigChangeAdapter::GetData() of protocolmiscadapter.cpp, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure with baseband firmware compromise required. User Interaction is not needed for exploitation. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-25T13:44:32.000000Z"}, {"uuid": "65d6070c-b0ba-44d2-bd0d-6f801cf9ec67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47013", "type": "seen", "source": "https://t.me/cvedetector/8932", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47013 - Intel FlexPMU Uninitialized Data Arbitrary Write Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-47013 \nPublished : Oct. 25, 2024, 11:15 a.m. | 24\u00a0minutes ago \nDescription : In pmucal_rae_handle_seq_int of flexpmu_cal_rae.c, there is a possible arbitrary write due to uninitialized data. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-25T13:44:31.000000Z"}, {"uuid": "2de0d0e7-ad82-4e93-a8db-24d3ad75c09c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47016", "type": "seen", "source": "https://t.me/cvedetector/8936", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47016 - Apache HTTP Server Insecure Default Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-47016 \nPublished : Oct. 25, 2024, 11:15 a.m. | 24\u00a0minutes ago \nDescription : there is a possible privilege escalation due to an insecure default value. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-25T13:44:34.000000Z"}, {"uuid": "a6bae9bb-c92e-45aa-b232-9ed0ce0ece5f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47017", "type": "seen", "source": "https://t.me/cvedetector/8935", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47017 - \"UFS Stack Variable Use After Free Vulnerability in ufshc_scsi_cmd\"\", \n  \"Content\": \"CVE ID : CVE-2024-47017 \nPublished : Oct. 25, 2024, 11:15 a.m. | 24\u00a0minutes ago \nDescription : In ufshc_scsi_cmd of ufs.c, there is a possible stack variable use after free due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-25T13:44:34.000000Z"}, {"uuid": "384d20b8-6a0f-4ffb-953e-03c0ded084f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47011", "type": "seen", "source": "https://t.me/cvedetector/7384", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47011 - Ivanti Avalanche Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-47011 \nPublished : Oct. 8, 2024, 5:15 p.m. | 40\u00a0minutes ago \nDescription : Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to leak sensitive information \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-08T20:24:01.000000Z"}, {"uuid": "a5e7bc64-8618-4f4e-99a9-06883e4ae5a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47010", "type": "seen", "source": "https://t.me/cvedetector/7383", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47010 - Ivanti Avalanche Path Traversal Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-47010 \nPublished : Oct. 8, 2024, 5:15 p.m. | 40\u00a0minutes ago \nDescription : Path Traversal in Ivanti Avalanche before version 6.4.5 allows a remote unauthenticated attacker to bypass authentication. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-08T20:23:58.000000Z"}, {"uuid": "0292a4f7-691b-4dc4-83cd-a5ca66df8fef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4701", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/283", "content": "\u200aCVE-2024-4701 (CVSS 9.9): Major RCE Risk in Netflix\u2019s Genie Platform\n\nhttps://securityonline.info/cve-2024-4701-cvss-9-9-major-rce-risk-in-netflixs-genie-platform/", "creation_timestamp": "2024-05-11T07:32:05.000000Z"}]}