{"vulnerability": "cve-2024-5229", "sightings": [{"uuid": "4ac59a8b-b854-43db-80f1-58860c90c653", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52298", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113476436967747574", "content": "", "creation_timestamp": "2024-11-13T15:50:15.684815Z"}, {"uuid": "e1c7f423-e3d2-4ca4-93f2-03544df97961", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52295", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113476467414144768", "content": "", "creation_timestamp": "2024-11-13T15:58:00.252493Z"}, {"uuid": "d0fd6fcf-a71f-4bd8-893e-91437cf6713d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52293", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113476506692863958", "content": "", "creation_timestamp": "2024-11-13T16:07:59.633009Z"}, {"uuid": "4927fde9-81ce-4432-9b26-37a9288ed333", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52291", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113476554741751320", "content": "", "creation_timestamp": "2024-11-13T16:20:13.136107Z"}, {"uuid": "33d8668e-4240-46e2-9803-0850f3924485", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52292", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113476554756372670", "content": "", "creation_timestamp": "2024-11-13T16:20:13.471578Z"}, {"uuid": "eabf6b62-8324-4472-9916-fa0540eeb94a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52294", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113742682794610427", "content": "", "creation_timestamp": "2024-12-30T16:20:04.656733Z"}, {"uuid": "4f8677c2-eda7-4437-9abd-83b63ada5ace", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52290", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16291", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-52290\n\ud83d\udd25 CVSS Score: 6.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:L/A:N)\n\ud83d\udd39 Description: LF Edge eKuiper is a lightweight internet of things (IoT) data analytics and stream processing engine. Prior to version 2.1.0 user with rights to modificate the service (e.g. kuiperUser role) can inject a cross-site scripting payload into Connection Configuration key `Name` (`confKey`) parameter. After this setup, when any user with access to this service (e.g. admin) tries to delete this key, a payload acts in the victim's browser. Version 2.1.0 fixes the issue.\n\ud83d\udccf Published: 2025-05-14T07:19:50.045Z\n\ud83d\udccf Modified: 2025-05-14T07:19:50.045Z\n\ud83d\udd17 References:\n1. https://github.com/lf-edge/ekuiper/security/advisories/GHSA-9cwv-pxcr-hfjc", "creation_timestamp": "2025-05-14T07:30:58.000000Z"}, {"uuid": "ad4fc507-c188-430a-b53e-bb8611e04642", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52290", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lp4j7yr5xgc2", "content": "", "creation_timestamp": "2025-05-14T07:52:10.922096Z"}, {"uuid": "9a4980d4-ce84-4b2e-876d-7fbe1b1efe64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52290", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lp4o4ptkwz24", "content": "", "creation_timestamp": "2025-05-14T09:17:41.788843Z"}, {"uuid": "2062b80d-4bb7-4095-ac7b-99b187f56858", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52294", "type": "seen", "source": "https://t.me/cvedetector/13938", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52294 - Khoj Stripe Subscription IDOR\", \n  \"Content\": \"CVE ID : CVE-2024-52294 \nPublished : Dec. 30, 2024, 5:15 p.m. | 44\u00a0minutes ago \nDescription : Khoj is a self-hostable artificial intelligence app. Prior to version 1.29.10, an Insecure Direct Object Reference (IDOR) vulnerability in the update_subscription endpoint allows any authenticated user to manipulate other users' Stripe subscriptions by simply modifying the email parameter in the request. The vulnerability exists in the subscription endpoint at `/api/subscription`. The endpoint uses an email parameter as a direct reference to user subscriptions without verifying object ownership. While authentication is required, there is no authorization check to verify if the authenticated user owns the referenced subscription. The issue was fixed in version 1.29.10. Support for arbitrarily presenting an email for update has been deprecated. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-30T19:18:31.000000Z"}, {"uuid": "cee50f07-0c20-4469-b970-294fc2c9bae0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52297", "type": "seen", "source": "https://t.me/cvedetector/10637", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52297 - Tolgee Public Configuration Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-52297 \nPublished : Nov. 12, 2024, 4:15 p.m. | 42\u00a0minutes ago \nDescription : Tolgee is an open-source localization platform. Tolgee 3.81.1 included the all configuration properties in the PublicConfiguratioDTO publicly exposed to users. This vulnerability is fixed in v3.81.2. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T18:03:08.000000Z"}, {"uuid": "6be9f27b-28ab-4429-b616-252a70fcea88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52296", "type": "seen", "source": "https://t.me/cvedetector/10635", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52296 - libosdp Null Pointer Dereference Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-52296 \nPublished : Nov. 12, 2024, 4:15 p.m. | 42\u00a0minutes ago \nDescription : libosdp is an implementation of IEC 60839-11-5 OSDP (Open Supervised Device Protocol) and provides a C library with support for C++, Rust and Python3. At ospd_common.c, on the osdp_reply_name function, any reply id between REPLY_ACK and REPLY_XRD is valid, but names array do not declare all of the range. On a case of an undefined reply id within the range, name will be null (name = names[reply_id - REPLY_ACK];). Null name will casue a crash on next line: if (name[0] == '\\0') as null[0] is invalid. As this logic is not limited to a secure connection, attacker may trigger this vulnerability without any prior knowledge. This issue is fixed in 2.4.0. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T18:03:06.000000Z"}, {"uuid": "ad263735-9a66-4204-9a61-de359cf427a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52295", "type": "seen", "source": "Telegram/F6v8N7bpQDw3aVfs4w9Tsg2vnAQ1M-kjylJj4l5D-5CK84Xg", "content": "", "creation_timestamp": "2025-02-20T23:26:55.000000Z"}, {"uuid": "91f2a274-dd91-4e5a-a46c-8a2387ade7d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52298", "type": "seen", "source": "https://t.me/cvedetector/10840", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52298 - (XWiki) PDF Viewer Delegate Input Validation Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-52298 \nPublished : Nov. 13, 2024, 4:15 p.m. | 39\u00a0minutes ago \nDescription : macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. The PDF Viewer macro allows an attacker to view any attachment using the \"Delegate my view right\" feature as long as the attacker can view a page whose last author has access to the attachment. For this, the attacker only needs to provide the reference to a PDF file to the macro. To obtain the reference of the desired attachment, the attacker can access the Page Index, Attachments tab. Even if the UI shows N/A, the user can inspect the page and check the HTTP request that fetches the live data entries. The attachment URL is available in the returned JSON for all attachments, including protected ones and allows getting the necessary values. This vulnerability is fixed in version 2.5.6. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T18:04:04.000000Z"}, {"uuid": "38d8a8fa-f55a-4c86-a8a0-66901a3072a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52299", "type": "seen", "source": "https://t.me/cvedetector/10841", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52299 - XWiki macro-pdfviewer Authenticated Arbitrary File Read\", \n  \"Content\": \"CVE ID : CVE-2024-52299 \nPublished : Nov. 13, 2024, 4:15 p.m. | 39\u00a0minutes ago \nDescription : macro-pdfviewer is a PDF Viewer Macro for XWiki using Mozilla pdf.js. Any user with view right on XWiki.PDFViewerService can access any attachment stored in the wiki as the \"key\" that is passed to prevent this is computed incorrectly, calling skip on the digest stream doesn't update the digest. This is fixed in 2.5.6. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T18:04:05.000000Z"}, {"uuid": "b939c96e-7d90-4132-88a3-852e91e7904c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52292", "type": "seen", "source": "https://t.me/cvedetector/10848", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52292 - Craft CMS File Exfiltration Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-52292 \nPublished : Nov. 13, 2024, 5:15 p.m. | 38\u00a0minutes ago \nDescription : Craft is a content management system (CMS). The dataUrl function can be exploited if an attacker has write permissions on system notification templates. This function accepts an absolute file path, reads the file's content, and converts it into a Base64-encoded string. By embedding this function within a system notification template, the attacker can exfiltrate the Base64-encoded file content through a triggered system email notification. Once the email is received, the Base64 payload can be decoded, allowing the attacker to read arbitrary files on the server. This is fixed in 5.4.9 and 4.12.8. \nSeverity: 7.7 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T18:54:21.000000Z"}, {"uuid": "ef25ab2f-8d68-496f-8e90-bf45212e3232", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52291", "type": "seen", "source": "https://t.me/cvedetector/10846", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52291 - CraftCMS File System Bypass Vulnerability (RCE/SSIT)\", \n  \"Content\": \"CVE ID : CVE-2024-52291 \nPublished : Nov. 13, 2024, 5:15 p.m. | 38\u00a0minutes ago \nDescription : Craft is a content management system (CMS). A vulnerability in CraftCMS allows an attacker to bypass local file system validation by utilizing a double file:// scheme (e.g., file://file:////). This enables the attacker to specify sensitive folders as the file system, leading to potential file overwriting through malicious uploads, unauthorized access to sensitive files, and, under certain conditions, remote code execution (RCE) via Server-Side Template Injection (SSTI) payloads. Note that this will only work if you have an authenticated administrator account with allowAdminChanges enabled. This is fixed in 5.4.6 and 4.12.5. \nSeverity: 8.4 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T18:54:19.000000Z"}, {"uuid": "d054b2b1-c4ea-4a1b-b746-24fce1548d96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52295", "type": "seen", "source": "https://t.me/cvedetector/10839", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52295 - DataEase JWT Hardcoded Secret Takeover\", \n  \"Content\": \"CVE ID : CVE-2024-52295 \nPublished : Nov. 13, 2024, 4:15 p.m. | 39\u00a0minutes ago \nDescription : DataEase is an open source data visualization analysis tool. Prior to 2.10.2, DataEase allows attackers to forge jwt and take over services. The JWT secret is hardcoded in the code, and the UID and OID are hardcoded. The vulnerability has been fixed in v2.10.2. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T18:04:00.000000Z"}, {"uuid": "3cf01f18-8361-40a5-92b2-c6e9e7967cb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52293", "type": "seen", "source": "https://t.me/cvedetector/10838", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52293 - Craft CMS Remote Code Execution via Twig SSTI Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-52293 \nPublished : Nov. 13, 2024, 4:15 p.m. | 39\u00a0minutes ago \nDescription : Craft is a content management system (CMS). Prior to 4.12.2 and 5.4.3, Craft is missing normalizePath in the function FileHelper::absolutePath could lead to Remote Code Execution on the server via twig SSTI. This is a sequel to CVE-2023-40035. This vulnerability is fixed in 4.12.2 and 5.4.3. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T18:04:00.000000Z"}]}