{"vulnerability": "cve-2024-5250", "sightings": [{"uuid": "85b2196b-0c35-4b19-ad77-d0392afdd0ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52505", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113482052715292248", "content": "", "creation_timestamp": "2024-11-14T15:38:25.260963Z"}, {"uuid": "8c730752-3236-446c-9d68-c3dc72aeed9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52508", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113488202426408153", "content": "", "creation_timestamp": "2024-11-15T17:42:22.673943Z"}, {"uuid": "8b40a8ef-83c2-4e21-8d79-5c19884c7993", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52509", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113488261446606409", "content": "", "creation_timestamp": "2024-11-15T17:57:23.046802Z"}, {"uuid": "37dbb599-f4d5-4d82-b639-46e753cf34d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52506", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113505860881634371", "content": "", "creation_timestamp": "2024-11-18T20:33:09.074097Z"}, {"uuid": "daa6c38e-62b0-4199-bbbd-1da8c6a5a1fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52508", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113488187902526394", "content": "", "creation_timestamp": "2024-11-15T17:38:41.268537Z"}, {"uuid": "6139f0bc-e230-485b-a326-46227699eccd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52501", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113560289105286396", "content": "", "creation_timestamp": "2024-11-28T11:14:58.072365Z"}, {"uuid": "ed47a362-969b-4ff3-85a7-1c1d79659e42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52503", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113584025284966323", "content": "", "creation_timestamp": "2024-12-02T15:51:23.444868Z"}, {"uuid": "5c03e309-1a77-4bea-a2cc-4a27ada92cef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52502", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113584025270934926", "content": "", "creation_timestamp": "2024-12-02T15:51:23.001413Z"}, {"uuid": "c701ecc4-90df-4afb-b502-8d6b5b47e526", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52500", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/114002321875800724", "content": "", "creation_timestamp": "2025-02-14T12:49:42.793106Z"}, {"uuid": "c1afe80b-c1d3-4708-95fe-59f4acb59ba5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52500", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/114002337412807048", "content": "", "creation_timestamp": "2025-02-14T12:53:39.818079Z"}, {"uuid": "61e3d1e0-486e-415e-8de9-03a058d7e143", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52500", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3li5bx2paj62a", "content": "", "creation_timestamp": "2025-02-14T13:16:04.927253Z"}, {"uuid": "bdf01444-823d-4a2e-95ec-503eba0a0112", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52504", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-12", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "53b923e7-3415-48db-b288-64b9d0949810", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52509", "type": "seen", "source": "https://t.me/cvedetector/11134", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52509 - Nextcloud Mail Untrusted File Attachment Creates Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-52509 \nPublished : Nov. 15, 2024, 6:15 p.m. | 42\u00a0minutes ago \nDescription : Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. The Nextcloud mail app incorrectly allowed attaching shared files without download permissions as attachments. This allowed users to send them the files to themselves and then downloading it from their mail clients. It is recommended that the Nextcloud Mail is upgraded to 2.2.10, 3.6.2 or 3.7.2. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T19:58:07.000000Z"}, {"uuid": "0e445ba2-d975-47be-a516-5ef9600be58f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52506", "type": "seen", "source": "https://t.me/cvedetector/11388", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52506 - Graylog Information Leakage Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-52506 \nPublished : Nov. 18, 2024, 9:15 p.m. | 37\u00a0minutes ago \nDescription : Graylog is a free and open log management platform. The reporting functionality in Graylog allows the creation and scheduling of reports which contain dashboard widgets displaying individual log messages or metrics aggregated from fields of multiple log messages. This functionality, as included in Graylog 6.1.0 & 6.1.1, is vulnerable to information leakage triggered by multiple concurrent report rendering requests from authorized users. When multiple report renderings are requested at the same start time, the headless browser instance used to render the PDF will be reused. Depending on the timing, either a check for the browser instance \"freshness\" hits, resulting in an error instead of the report being returned, or one of the concurrent report rendering requests \"wins\" and this report is returned for all report rendering requests that do not return an error. This might lead to one user getting the report of a different user, potentially leaking indexed log messages or aggregated data that this user normally has no access to. This problem is fixed in Graylog 6.1.2. There is no known workaround besides disabling the reporting functionality. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-18T23:14:37.000000Z"}, {"uuid": "952ce646-6466-4905-9a5e-7a700b636c3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52508", "type": "seen", "source": "https://t.me/cvedetector/11133", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52508 - Nextcloud Mail URL Redirection Weakness\", \n  \"Content\": \"CVE ID : CVE-2024-52508 \nPublished : Nov. 15, 2024, 6:15 p.m. | 42\u00a0minutes ago \nDescription : Nextcloud Mail is the mail app for Nextcloud, a self-hosted productivity platform. When a user is trying to set up a mail account with an email address like user@example.tld that does not support auto configuration, and an attacker managed to register autoconfig.tld, the used email details would be send to the server of the attacker. It is recommended that the Nextcloud Mail app is upgraded to 1.14.6, 1.15.4, 2.2.11, 3.6.3, 3.7.7 or 4.0.0. \nSeverity: 8.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T19:58:07.000000Z"}, {"uuid": "7609f49d-cda8-4715-81cf-e80d749f0102", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52505", "type": "seen", "source": "https://t.me/cvedetector/10967", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52505 - Matrix-Appservice-Irc IRC Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-52505 \nPublished : Nov. 14, 2024, 4:15 p.m. | 38\u00a0minutes ago \nDescription : matrix-appservice-irc is a Node.js IRC bridge for the Matrix messaging protocol. The provisioning API of the matrix-appservice-irc bridge up to version 3.0.2 contains a vulnerability which can lead to arbitrary IRC command execution as the bridge IRC bot. The vulnerability has been patched in matrix-appservice-irc version 3.0.3. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-14T18:20:00.000000Z"}, {"uuid": "a91080a4-10e7-453e-aa97-360fad4b0f41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52507", "type": "seen", "source": "https://t.me/cvedetector/11143", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52507 - Nextcloud Tables Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-52507 \nPublished : Nov. 15, 2024, 6:15 p.m. | 42\u00a0minutes ago \nDescription : Nextcloud Tables allows users to to create tables with individual columns. The information which Table (numeric ID) is shared with which groups and users and the respective permissions was not limited to affected users. It is recommended that the Nextcloud Tables app is upgraded to 0.8.1. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T19:58:21.000000Z"}, {"uuid": "9cc938b2-13bf-4f0c-b33e-cdda9b155365", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5250", "type": "seen", "source": "https://t.me/cvedetector/2065", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-5250 - Akana API Platform Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-5250 \nPublished : July 30, 2024, 7:15 p.m. | 42\u00a0minutes ago \nDescription : In versions of Akana API Platform prior to 2024.1.0 overly verbose errors can be found in SAML integrations \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-30T22:26:12.000000Z"}]}