{"vulnerability": "cve-2024-4780", "sightings": [{"uuid": "42a4f38b-80fc-448b-8361-1696153dbbfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47808", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113470309524837171", "content": "", "creation_timestamp": "2024-11-12T13:51:58.618187Z"}, {"uuid": "b57ca97e-327b-4c32-bdf4-3e29f724cdfa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47808", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-04", "content": "", "creation_timestamp": "2024-11-14T12:00:00.000000Z"}, {"uuid": "f5d8a76a-b1c4-456e-bdc6-e1fa9b2ba5e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47809", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113809778468587858", "content": "", "creation_timestamp": "2025-01-11T12:43:23.556219Z"}, {"uuid": "5859caae-58ce-46f2-b690-e695f668ab44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47809", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfhs3p43tk2x", "content": "", "creation_timestamp": "2025-01-11T13:16:03.065835Z"}, {"uuid": "b29814d7-3af8-49f1-ab9a-c7fe3983afe6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-47809", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "32a62899-23c6-4665-bbf6-f4295febc5fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47800", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp3hoe6x6x42", "content": "", "creation_timestamp": "2025-05-13T22:08:55.881318Z"}, {"uuid": "2690f7d9-bc9b-4fdc-ab4c-195581e82475", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47800", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16239", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-47800\n\ud83d\udd25 CVSS Score: 5.4 (cvssV4_0, Vector: CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Uncontrolled search path for some Intel(R) Graphics Driver software may allow an authenticated user to potentially enable escalation of privilege via local access.\n\ud83d\udccf Published: 2025-05-13T21:03:21.454Z\n\ud83d\udccf Modified: 2025-05-13T21:03:21.454Z\n\ud83d\udd17 References:\n1. https://intel.com/content/www/us/en/security-center/advisory/intel-sa-01253.html", "creation_timestamp": "2025-05-13T21:30:57.000000Z"}, {"uuid": "f1fd0daf-7d3b-40c0-b5c3-eaadcbd88912", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-47809", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "8bd88635-0742-489e-8bd2-66144166d8ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47808", "type": "seen", "source": "https://t.me/cvedetector/10606", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47808 - SINEC NMS File System Write Arbitrary Content Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-47808 \nPublished : Nov. 12, 2024, 1:15 p.m. | 21\u00a0minutes ago \nDescription : A vulnerability has been identified in SINEC NMS (All versions < V3.0 SP1). The affected application contains a database function, that does not properly restrict the permissions of users to write to the filesystem of the host system.  \nThis could allow an authenticated medium-privileged attacker to write arbitrary content to any location in the filesystem of the host system. \nSeverity: 8.4 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T14:41:43.000000Z"}, {"uuid": "dc1dc7a0-c4d3-4a9a-8a17-d787f90374a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47801", "type": "seen", "source": "https://t.me/cvedetector/8897", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47801 - Sharp and Toshiba Tec MFPs Reflected Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-47801 \nPublished : Oct. 25, 2024, 7:15 a.m. | 39\u00a0minutes ago \nDescription : Sharp and Toshiba Tec MFPs improperly process query parameters in HTTP requests, resulting in a reflected cross-site scripting vulnerability.  \nAccessing a crafted URL which points to an affected product may cause malicious script executed on the web browser. \nSeverity: 7.4 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-25T10:23:31.000000Z"}, {"uuid": "672a6dee-89e1-4ded-8a46-844a2ab9eda3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47807", "type": "seen", "source": "https://t.me/cvedetector/6842", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47807 - Jenkins OpenId Connect Authentication Plugin Open Redirect\", \n  \"Content\": \"CVE ID : CVE-2024-47807 \nPublished : Oct. 2, 2024, 4:15 p.m. | 33\u00a0minutes ago \nDescription : Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `iss` (Issuer) claim of an ID Token, allowing attackers to subvert the authentication flow, potentially gaining administrator access to Jenkins. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-02T18:52:20.000000Z"}, {"uuid": "0bf93056-06e7-4b2a-8e6c-8dba925c929e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47806", "type": "seen", "source": "https://t.me/cvedetector/6841", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47806 - Jenkins OpenId Connect Authentication Plugin OAuth Assertion Relay\", \n  \"Content\": \"CVE ID : CVE-2024-47806 \nPublished : Oct. 2, 2024, 4:15 p.m. | 33\u00a0minutes ago \nDescription : Jenkins OpenId Connect Authentication Plugin 4.354.v321ce67a_1de8 and earlier does not check the `aud` (Audience) claim of an ID Token, allowing attackers to subvert the authentication flow, potentially gaining administrator access to Jenkins. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-02T18:52:19.000000Z"}, {"uuid": "3dcfe8f4-722e-4894-8de2-14128c3abddb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47805", "type": "seen", "source": "https://t.me/cvedetector/6840", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47805 - Jenkins Credentials Plugin Credentials Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-47805 \nPublished : Oct. 2, 2024, 4:15 p.m. | 33\u00a0minutes ago \nDescription : Jenkins Credentials Plugin 1380.va_435002fa_924 and earlier, except 1371.1373.v4eb_fa_b_7161e9, does not redact encrypted values of credentials using the `SecretBytes` type when accessing item `config.xml` via REST API or CLI. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-02T18:52:19.000000Z"}, {"uuid": "3383353f-b8a9-4569-9cc7-014674716b60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47804", "type": "seen", "source": "https://t.me/cvedetector/6839", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47804 - Jenkins Item Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-47804 \nPublished : Oct. 2, 2024, 4:15 p.m. | 33\u00a0minutes ago \nDescription : If an attempt is made to create an item of a type prohibited by `ACL#hasCreatePermission2` or `TopLevelItemDescriptor#isApplicableIn(ItemGroup)` through the Jenkins CLI or the REST API and either of these checks fail, Jenkins 2.478 and earlier, LTS 2.462.2 and earlier creates the item in memory, only deleting it from disk, allowing attackers with Item/Configure permission to save the item to persist it, effectively bypassing the item creation restriction. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-02T18:52:18.000000Z"}, {"uuid": "e32de305-734e-4ce3-9489-75de39cd4380", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-47803", "type": "seen", "source": "https://t.me/cvedetector/6838", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-47803 - Jenkins Secret Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-47803 \nPublished : Oct. 2, 2024, 4:15 p.m. | 33\u00a0minutes ago \nDescription : Jenkins 2.478 and earlier, LTS 2.462.2 and earlier does not redact multi-line secret values in error messages generated for form submissions involving the `secretTextarea` form field. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-02T18:52:14.000000Z"}, {"uuid": "3a005f53-076f-4826-ab7a-5160580e0db2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-47809", "type": "seen", "source": "https://www.hkcert.org/security-bulletin/debian-linux-kernel-multiple-vulnerabilities_20260506", "content": "", "creation_timestamp": "2026-05-05T20:00:00.000000Z"}, {"uuid": "4a67fad6-2086-4204-97cb-91608f93baa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4780", "type": "seen", "source": "https://t.me/cvedetector/915", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-4780 - Elementor Addon Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-4780 \nPublished : July 16, 2024, 7:15 a.m. | 17\u00a0minutes ago \nDescription : The Image Hover Effects \u2013 Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018eihe_link\u2019 parameter in all versions up to, and including, 1.4.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-16T09:34:49.000000Z"}]}