{"vulnerability": "cve-2024-5255", "sightings": [{"uuid": "81db2eee-80de-40e3-9a98-35365c6eb737", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52550", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113477637453366988", "content": "", "creation_timestamp": "2024-11-13T20:55:33.839699Z"}, {"uuid": "32403268-4e47-4d72-a19f-e71793933bc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52551", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113477637468060416", "content": "", "creation_timestamp": "2024-11-13T20:55:34.231439Z"}, {"uuid": "4fbc1a05-427a-4ce5-91d7-c35ade1888f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52552", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113477696472032526", "content": "", "creation_timestamp": "2024-11-13T21:10:34.224610Z"}, {"uuid": "f9c8c234-edd6-4473-a4b3-b720939b79ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52553", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113477696486322566", "content": "", "creation_timestamp": "2024-11-13T21:10:34.397521Z"}, {"uuid": "7fcfd50d-e638-4dc4-a424-6ce49b164252", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52554", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113477696501798116", "content": "", "creation_timestamp": "2024-11-13T21:10:34.785414Z"}, {"uuid": "86cd402c-9a23-42ca-87a2-2ecc7f98791a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52550", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113477970956610756", "content": "", "creation_timestamp": "2024-11-13T22:20:22.863937Z"}, {"uuid": "d45597dc-3c16-4ee0-85e0-54089bc889ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52551", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113477970956610756", "content": "", "creation_timestamp": "2024-11-13T22:20:22.885748Z"}, {"uuid": "daff56db-7b07-46d0-b039-994013af940b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52552", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113477970956610756", "content": "", "creation_timestamp": "2024-11-13T22:20:22.914998Z"}, {"uuid": "934be549-68d2-4542-be21-74c36a7c5aff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52553", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113477970956610756", "content": "", "creation_timestamp": "2024-11-13T22:20:22.932261Z"}, {"uuid": "9f0442d9-bc26-4f8d-92de-4c5ebc54839d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52554", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113477970956610756", "content": "", "creation_timestamp": "2024-11-13T22:20:22.972570Z"}, {"uuid": "4e0308de-b0ef-4608-9352-8c010b6d0ded", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52555", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113487688894650617", "content": "", "creation_timestamp": "2024-11-15T15:31:46.624882Z"}, {"uuid": "7ca088f3-3f22-4e8e-a148-789bb31169dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52558", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-340-02", "content": "", "creation_timestamp": "2024-12-05T11:00:00.000000Z"}, {"uuid": "5778b77b-88e6-4f68-97fe-31880b7f6d06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52558", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113607060223227778", "content": "", "creation_timestamp": "2024-12-06T17:29:28.449101Z"}, {"uuid": "47675964-1485-44d8-b56c-b11733327faf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52558", "type": "seen", "source": "https://bsky.app/profile/hackingne.ws/post/3lfx2yq54or2y", "content": "", "creation_timestamp": "2025-01-17T15:05:23.645779Z"}, {"uuid": "65dfd55a-e6e4-4daf-82c3-de175571e424", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52558", "type": "seen", "source": "https://bsky.app/profile/techifeunity.bsky.social/post/3lg5hd3s4722s", "content": "", "creation_timestamp": "2025-01-20T04:01:58.993184Z"}, {"uuid": "a26bb164-2d65-4d3a-8732-a860aef91a96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-52559", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "0aebd5a2-d5b0-44df-b007-6684f04be3b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-52559", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "95598999-a27b-4501-816b-f2e77c33c2bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52558", "type": "seen", "source": "https://t.me/cvedetector/12261", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52558 - The affected product is vulnerable to an integer u\", \n  \"Content\": \"CVE ID : CVE-2024-52558 \nPublished : Dec. 6, 2024, 6:15 p.m. | 28\u00a0minutes ago \nDescription : The affected product is vulnerable to an integer underflow. An unauthenticated attacker could send a malformed HTTP request, which could allow the attacker to crash the program. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-06T19:48:37.000000Z"}, {"uuid": "e7a7760c-9944-4882-a5eb-8c7c6612bbf3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52559", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5670", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-52559\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/msm/gem: prevent integer overflow in msm_ioctl_gem_submit()\n\nThe \"submit->cmd[i].size\" and \"submit->cmd[i].offset\" variables are u32\nvalues that come from the user via the submit_lookup_cmds() function.\nThis addition could lead to an integer wrapping bug so use size_add()\nto prevent that.\n\nPatchwork: https://patchwork.freedesktop.org/patch/624696/\n\ud83d\udccf Published: 2025-02-27T02:18:07.106Z\n\ud83d\udccf Modified: 2025-02-27T12:57:17.009Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/2b99b2c4621d13bd4374ef384e8f1fc188d0a5df\n2. https://git.kernel.org/stable/c/2f1845e46c41ed500789d53dc45b383b7745c96c\n3. https://git.kernel.org/stable/c/e43a0f1327a1ee70754f8a0de6e0262cfa3e0b87\n4. https://git.kernel.org/stable/c/3a47f4b439beb98e955d501c609dfd12b7836d61", "creation_timestamp": "2025-02-27T13:27:35.000000Z"}, {"uuid": "ef31e12f-ab15-4ad4-ad15-241eb85858fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52552", "type": "seen", "source": "https://t.me/cvedetector/10880", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52552 - Jenkins Authorize Project Plugin Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2024-52552 \nPublished : Nov. 13, 2024, 9:15 p.m. | 41\u00a0minutes ago \nDescription : Jenkins Authorize Project Plugin 1.7.2 and earlier evaluates a string containing the job name with JavaScript on the Authorization view, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers with Item/Configure permission. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T23:05:39.000000Z"}, {"uuid": "62cdbcbb-c56d-47b8-a86f-46157946ae20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52554", "type": "seen", "source": "https://t.me/cvedetector/10882", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52554 - Jenkins Shared Library Version Override Plugin Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-52554 \nPublished : Nov. 13, 2024, 9:15 p.m. | 41\u00a0minutes ago \nDescription : Jenkins Shared Library Version Override Plugin 17.v786074c9fce7 and earlier declares folder-scoped library overrides as trusted, so that they're not executed in the Script Security sandbox, allowing attackers with Item/Configure permission on a folder to configure a folder-scoped library override that runs without sandbox protection. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T23:05:40.000000Z"}, {"uuid": "e1d350d0-2456-4551-9056-42b5999fd7db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52555", "type": "seen", "source": "https://t.me/cvedetector/11092", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52555 - JetBrains WebStorm Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-52555 \nPublished : Nov. 15, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : In JetBrains WebStorm before 2024.3 code execution in Untrusted Project mode was possible via type definitions installer script \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T18:17:06.000000Z"}, {"uuid": "e244f5b0-bcb1-44fb-9b9b-61201b878e44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52553", "type": "seen", "source": "https://t.me/cvedetector/10881", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52553 - Jenkins OpenId Connect Authentication Plugin Improper Session Handling\", \n  \"Content\": \"CVE ID : CVE-2024-52553 \nPublished : Nov. 13, 2024, 9:15 p.m. | 41\u00a0minutes ago \nDescription : Jenkins OpenId Connect Authentication Plugin 4.418.vccc7061f5b_6d and earlier does not invalidate the previous session on login. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T23:05:39.000000Z"}, {"uuid": "415646a2-e89f-4d9b-ad22-bc9d22edf0c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52551", "type": "seen", "source": "https://t.me/cvedetector/10879", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52551 - Jenkins Pipeline Declarative Plugin Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-52551 \nPublished : Nov. 13, 2024, 9:15 p.m. | 41\u00a0minutes ago \nDescription : Jenkins Pipeline: Declarative Plugin 2.2214.vb_b_34b_2ea_9b_83 and earlier does not check whether the main (Jenkinsfile) script used to restart a build from a specific stage is approved, allowing attackers with Item/Build permission to restart a previous build whose (Jenkinsfile) script is no longer approved. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T23:05:35.000000Z"}, {"uuid": "fa3c589b-0142-4d22-af3b-bf3b40ac3750", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52550", "type": "seen", "source": "https://t.me/cvedetector/10878", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52550 - Jenkins Pipeline: Groovy Plugin Unapproved Jenkinsfile Rebuild Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-52550 \nPublished : Nov. 13, 2024, 9:15 p.m. | 41\u00a0minutes ago \nDescription : Jenkins Pipeline: Groovy Plugin 3990.vd281dd77a_388 and earlier, except 3975.3977.v478dd9e956c3 does not check whether the main (Jenkinsfile) script for a rebuilt build is approved, allowing attackers with Item/Build permission to rebuild a previous build whose (Jenkinsfile) script is no longer approved. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T23:05:34.000000Z"}, {"uuid": "f6475904-6c05-47ce-8950-9c26d1c16fe1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5255", "type": "seen", "source": "https://t.me/cvedetector/1055", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-5255 - WPBakery Ultimate Dual Color Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-5255 \nPublished : July 17, 2024, 7:15 a.m. | 29\u00a0minutes ago \nDescription : The Ultimate Addons for WPBakery plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's ultimate_dual_color shortcode in all versions up to, and including, 3.19.20 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T09:51:26.000000Z"}, {"uuid": "b34e689d-ec15-43ad-ba98-858768881920", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52558", "type": "seen", "source": "https://t.me/true_secator/6636", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Claroty \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u044e\u0442 \u043e \u0442\u0440\u0435\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u0445 \u0432 \u043f\u0440\u043e\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u044b\u0445 \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u0430\u0445 WGS-804HPT \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 Planet Technology, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0436\u043d\u043e \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0438\u0442\u044c \u0432 \u0446\u0435\u043f\u043e\u0447\u043a\u0443 \u0434\u043b\u044f \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0434\u043e \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445.\n\n\u0417\u0430\u0442\u0440\u043e\u043d\u0443\u0442\u044b\u0435 \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u044b \u0448\u0438\u0440\u043e\u043a\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u0445 \u0430\u0432\u0442\u043e\u043c\u0430\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u0437\u0434\u0430\u043d\u0438\u0439 \u0438 \u0434\u043e\u043c\u043e\u0432 \u0434\u043b\u044f \u0440\u0430\u0437\u043b\u0438\u0447\u043d\u044b\u0445 \u0441\u0435\u0442\u0435\u0432\u044b\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0441 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u043e\u0434\u043d\u0438\u043c \u0438\u0437 \u044d\u0442\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0438\u0445 \u0434\u043b\u044f \u0434\u0430\u043b\u044c\u043d\u0435\u0439\u0448\u0435\u0439 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0432\u043e \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0435\u0439 \u0441\u0435\u0442\u0438 \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0433\u043e\u0440\u0438\u0437\u043e\u043d\u0442\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043f\u0435\u0440\u0435\u043c\u0435\u0449\u0435\u043d\u0438\u044f.\n\n\u041f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0443\u0434\u0430\u043b\u043e\u0441\u044c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0433\u043b\u0443\u0431\u043e\u043a\u043e\u0433\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0430 \u043f\u0440\u043e\u0448\u0438\u0432\u043a\u0438, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u0439 \u0432 \u044d\u0442\u0438\u0445 \u043a\u043e\u043c\u043c\u0443\u0442\u0430\u0442\u043e\u0440\u0430\u0445 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0430 QEMU. \n\n\u0412\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u043e\u0448\u0438\u0431\u043a\u0438, \u043a\u0430\u043a \u043e\u043a\u0430\u0437\u0430\u043b\u043e\u0441\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u044b \u0441 \u0438\u043d\u0442\u0435\u0440\u0444\u0435\u0439\u0441\u043e\u043c dispatcher.cgi, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u043c\u043e\u043c \u0434\u043b\u044f \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0438 \u0432\u0435\u0431-\u0441\u0435\u0440\u0432\u0438\u0441\u0430.\n\n\u0421\u0440\u0435\u0434\u0438 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0445 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u0441\u043b\u0435\u0434\u0443\u044e\u0449\u0438\u0435:\n\n- CVE-2024-52558\u00a0(CVSS: 5,3): \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430 \u0441 \u043f\u043e\u0442\u0435\u0440\u0435\u0439 \u0446\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0437\u043d\u0430\u0447\u0435\u043d\u0438\u044f, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0438\u0441\u043a\u0430\u0436\u0435\u043d\u043d\u044b\u0439 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a \u0441\u0431\u043e\u044e.\n\n- CVE-2024-52320\u00a0(CVSS: 9,8): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432\u043d\u0435\u0434\u0440\u0435\u043d\u0438\u044f \u043a\u043e\u043c\u0430\u043d\u0434 \u041e\u0421, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0432\u0442\u043e\u0440\u0438\u0437\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u0447\u0435\u0440\u0435\u0437 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441, \u0447\u0442\u043e \u043f\u0440\u0438\u0432\u043e\u0434\u0438\u0442 \u043a RCE.\n\n- CVE-2024-48871\u00a0(CVSS: 9,8): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u0441\u0442\u0435\u043a\u0435, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0439 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441, \u0447\u0442\u043e \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0438\u0432\u0435\u0434\u0435\u0442 \u043a RCE.\n\n\u0423\u0441\u043f\u0435\u0448\u043d\u0430\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u0435\u0440\u0435\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u043f\u043e\u0442\u043e\u043a \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f, \u0432\u043d\u0435\u0434\u0440\u0438\u0432 \u0448\u0435\u043b\u043b-\u043a\u043e\u0434 \u0432 HTTP-\u0437\u0430\u043f\u0440\u043e\u0441 \u0438 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b.\n\n\u041f\u043e\u0441\u043b\u0435 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0442\u0430\u0439\u0432\u0430\u043d\u044c\u0441\u043a\u0438\u0439 \u0440\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u043e\u0432 \u0432 \u0441\u043e\u0441\u0442\u0430\u0432\u0435 \u0432\u0435\u0440\u0441\u0438\u0438 1.305b241111, \u0432\u044b\u0448\u0435\u0434\u0448\u0435\u0439 15 \u043d\u043e\u044f\u0431\u0440\u044f 2024 \u0433\u043e\u0434\u0430.", "creation_timestamp": "2025-01-20T15:07:11.000000Z"}, {"uuid": "501e3a68-3928-4f35-a450-44dc698fb0f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52555", "type": "seen", "source": "Telegram/u7Vgv_BrPRcmHTAA3AU80si6P0iRvywHGhtAw32_8J9d8hSt", "content": "", "creation_timestamp": "2025-02-01T17:28:09.000000Z"}, {"uuid": "7a112a8f-b604-49d9-a0a5-788345e18b56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52550", "type": "published-proof-of-concept", "source": "Telegram/EUjFtpfWmQCCiI3QE6k9fNf8U9NSLKRgk3MQ4WNVb8t4qx0", "content": "", "creation_timestamp": "2025-04-15T23:00:05.000000Z"}, {"uuid": "5fd4b6d1-2588-44a8-ad35-a8f192a3ccdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52550", "type": "published-proof-of-concept", "source": "Telegram/Tz2s4dWBDCMxptFMqjH1pfsiKt1Jb6F0OQY1E-Dj9Kb60Ks", "content": "", "creation_timestamp": "2025-04-16T13:00:08.000000Z"}]}