{"vulnerability": "cve-2024-5150", "sightings": [{"uuid": "64ab956a-0917-4a35-a8fd-ee3c07d7e6a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-51503", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-24-1516/", "content": "", "creation_timestamp": "2024-11-19T06:00:00.000000Z"}, {"uuid": "128fc510-c0c3-4632-b5c9-baca04da2e8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-51505", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lihuleaguz2g", "content": "", "creation_timestamp": "2025-02-18T18:16:10.839812Z"}, {"uuid": "cecc1b35-a6a0-45e0-9015-268a5ce58bf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-51505", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114026383745737897", "content": "", "creation_timestamp": "2025-02-18T18:49:05.799686Z"}, {"uuid": "f6cc4bdb-adbb-4a23-af06-c10555267a6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-51505", "type": "seen", "source": "https://support.bull.com/ols/product/security/psirt/security-bulletins/potential-privilege-escalation-in-idpki-psirt-1335-tlp-clear-version-2-10-cve-2024-39327-cve-2024-39328-cve-2024-51505/", "content": "", "creation_timestamp": "2025-02-18T21:34:18.952961Z"}, {"uuid": "bc550dfc-3e55-4723-907c-0d92fcc5f2ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-51505", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/f7d3e0a5-0b01-4120-b61f-763c0f94f7c7", "content": "", "creation_timestamp": "2025-02-18T21:49:43.930268Z"}, {"uuid": "6174df94-5b87-4df6-950d-32029e22d6e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-51503", "type": "seen", "source": "https://t.me/cvedetector/11501", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51503 - Trend Micro Deep Security Agent Command Injection\", \n  \"Content\": \"CVE ID : CVE-2024-51503 \nPublished : Nov. 19, 2024, 7:15 p.m. | 37\u00a0minutes ago \nDescription : A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20 Agent could allow an attacker to escalate privileges and execute arbitrary code on an affected machine.  In certain circumstances, attackers that have legitimate access to the domain may be able to remotely inject commands to other machines in the same domain.  \n  \nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability locally and must have domain user privileges to affect other machines. \nSeverity: 8.0 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-19T21:00:47.000000Z"}, {"uuid": "29ab1866-3deb-472b-b167-c487a6d6bbf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-51504", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/bbcbc485-b88d-4831-b8e9-6e37e7bd9875", "content": "", "creation_timestamp": "2026-01-21T21:18:16.771453Z"}, {"uuid": "84fe7f52-ae09-4ecb-b858-579faacd0bde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-51505", "type": "seen", "source": "https://t.me/cvedetector/18351", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51505 - Atos Eviden IDRA Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-51505 \nPublished : Feb. 18, 2025, 6:15 p.m. | 1\u00a0hour, 39\u00a0minutes ago \nDescription : An issue was discovered in Atos Eviden IDRA before 2.7.1. A highly trusted role (Config Admin) could leverage a race condition to escalate privileges. \nSeverity: 8.0 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-18T20:59:49.000000Z"}, {"uuid": "61e84c20-b065-4840-83ee-2a0aa4a09d10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-51502", "type": "published-proof-of-concept", "source": "https://github.com/bearcove/loona/security/advisories/GHSA-7vm6-qwh5-9x44", "content": "", "creation_timestamp": "2024-11-03T11:38:00.000000Z"}, {"uuid": "7214833d-f4e2-4ee0-be13-6f650895c4e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-51504", "type": "seen", "source": "https://t.me/cvedetector/10066", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51504 - ZooKeeper IPAuthenticationProvider Spoofing Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-51504 \nPublished : Nov. 7, 2024, 10:15 a.m. | 34\u00a0minutes ago \nDescription : When using IPAuthenticationProvider in ZooKeeper Admin Server there is a possibility of Authentication Bypass by Spoofing -- this only impacts IP based authentication implemented in ZooKeeper Admin Server. Default configuration of client's IP address detection in\u00a0IPAuthenticationProvider, which uses HTTP request headers, is weak\u00a0and allows an attacker to bypass authentication via spoofing client's IP address in request headers. Default configuration honors X-Forwarded-For HTTP header to read client's IP address. X-Forwarded-For request header is mainly used by proxy servers to identify the client and can be easily spoofed by an attacker pretending that the request comes from a different IP address. Admin Server commands, such as snapshot and restore arbitrarily can be executed on successful exploitation which could potentially lead to information leakage or service availability issues. Users are recommended to upgrade to version 3.9.3, which fixes this issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-07T11:54:19.000000Z"}, {"uuid": "c57fb98e-f504-4db7-9461-3a5f428f41cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-51507", "type": "seen", "source": "https://t.me/cvedetector/9216", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51507 - Tiki Stored Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-51507 \nPublished : Oct. 28, 2024, 11:15 p.m. | 16\u00a0minutes ago \nDescription : Tiki through 27.0 allows users who have certain permissions to insert a \"Create/Edit External Wiki\" stored XSS payload in the Name. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-29T00:32:31.000000Z"}, {"uuid": "de52c336-8ee0-47ba-8e1f-2ad7f56fb210", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-51508", "type": "seen", "source": "https://t.me/cvedetector/9215", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51508 - Tiki Stored Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-51508 \nPublished : Oct. 28, 2024, 11:15 p.m. | 16\u00a0minutes ago \nDescription : Tiki through 27.0 allows users who have certain permissions to insert a \"Create/Edit External Wiki\" stored XSS payload in the Index. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-29T00:32:30.000000Z"}, {"uuid": "4539e1ef-a5a0-4123-a7ca-c07ce1529b81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-51502", "type": "seen", "source": "https://t.me/cvedetector/9793", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51502 - Loona HPack HTTP Header Exploit\", \n  \"Content\": \"CVE ID : CVE-2024-51502 \nPublished : Nov. 4, 2024, 11:15 p.m. | 39\u00a0minutes ago \nDescription : loona is an experimental, HTTP/1.1 and HTTP/2 implementation in Rust on top of io-uring. `loona-hpack` suffers from the same vulnerability as the original `hpack` as documented in issue #11. All users who try to decode untrusted input using the Decoder are vulnerable to this exploit. This issue has been addressed in release version 0.4.3. All users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T01:19:04.000000Z"}, {"uuid": "9901fa4c-7252-423c-98dc-b0c993469970", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-51501", "type": "published-proof-of-concept", "source": "https://t.me/cvedetector/9800", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51501 - Refit CRLF Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-51501 \nPublished : Nov. 4, 2024, 11:15 p.m. | 39\u00a0minutes ago \nDescription : Refit is an automatic type-safe REST library for .NET Core, Xamarin and .NET The various header-related Refit attributes (Header, HeaderCollection and Authorize) are vulnerable to CRLF injection. The way HTTP headers are added to a request is via the `HttpHeaders.TryAddWithoutValidation` method. This method does not check for CRLF characters in the header value. This means that any headers added to a refit request are vulnerable to CRLF-injection. In general, CRLF-injection into a HTTP header (when using HTTP/1.1) means that one can inject additional HTTP headers or smuggle whole HTTP requests. If an application using the Refit library passes a user-controllable value through to a header, then that application becomes vulnerable to CRLF-injection. This is not necessarily a security issue for a command line application like the one above, but if such code were present in a web application then it becomes vulnerable to request splitting (as shown in the PoC) and thus Server Side Request Forgery. Strictly speaking this is a potential vulnerability in applications using Refit and not in Refit itself. This issue has been addressed in release version 8.0.0 and all users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T01:19:12.000000Z"}, {"uuid": "12295c64-d979-4b17-9052-ebbd229faaa7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-51500", "type": "seen", "source": "https://t.me/cvedetector/9799", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51500 - Meshtastic firmware Broadcast Address Spoofing Amplification Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-51500 \nPublished : Nov. 4, 2024, 11:15 p.m. | 39\u00a0minutes ago \nDescription : Meshtastic firmware is a device firmware for the Meshtastic project. The Meshtastic firmware does not check for packets claiming to be from the special broadcast address (0xFFFFFFFF) which could result in unexpected behavior and potential for DDoS attacks on the network. A malicious actor could craft a packet to be from that address which would result in an amplification of this one message into every node on the network sending multiple messages. Such an attack could result in degraded network performance for all users as the available bandwidth is consumed. This issue has been addressed in release version 2.5.6. All users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T01:19:11.000000Z"}]}