{"vulnerability": "cve-2024-5445", "sightings": [{"uuid": "4e00724b-a6e5-4164-994c-cb3f8ab18f44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-54450", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113726498342785834", "content": "", "creation_timestamp": "2024-12-27T19:44:09.499009Z"}, {"uuid": "2d0d43b2-767f-4e27-acf7-8b9ca29ee252", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-54451", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113726498358053587", "content": "", "creation_timestamp": "2024-12-27T19:44:09.739995Z"}, {"uuid": "e8f66559-0f85-4810-aeef-cc7335384dff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-54452", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113726524273820716", "content": "", "creation_timestamp": "2024-12-27T19:50:45.504586Z"}, {"uuid": "e0673418-37d2-49c2-974f-73cf3c428fff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-54453", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113726524288536762", "content": "", "creation_timestamp": "2024-12-27T19:50:45.562515Z"}, {"uuid": "9ac40fab-add5-4dff-bf78-f1bef6f7fc16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-54454", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113726524302791918", "content": "", "creation_timestamp": "2024-12-27T19:50:45.734793Z"}, {"uuid": "7fc9d679-12f8-4453-a246-03e579c40cce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54450", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lecskerwgg22", "content": "", "creation_timestamp": "2024-12-27T20:15:45.886901Z"}, {"uuid": "d8aa5130-9ea3-43dd-9311-0dd9d7ccc559", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54451", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lecskh6zom25", "content": "", "creation_timestamp": "2024-12-27T20:15:48.391649Z"}, {"uuid": "9bfb3c33-2a74-4dbd-b6c7-c75b0d37c18a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54452", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lecskjhnkw2i", "content": "", "creation_timestamp": "2024-12-27T20:15:50.971084Z"}, {"uuid": "975f7ee4-0ceb-4d9a-a64e-a90194606f3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54453", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lecskm5hcu22", "content": "", "creation_timestamp": "2024-12-27T20:15:53.741766Z"}, {"uuid": "1b1405bf-59a7-4e3b-93b5-5f01665c63b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54454", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lecskorfgy25", "content": "", "creation_timestamp": "2024-12-27T20:15:56.469559Z"}, {"uuid": "3b837709-f606-4cd5-9e33-319d8235382d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54455", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfhs5blbot2f", "content": "", "creation_timestamp": "2025-01-11T13:16:55.895538Z"}, {"uuid": "9ada851e-ba11-4959-b923-5ee289d0ecfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54458", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lrtheiu25s2v", "content": "", "creation_timestamp": "2025-06-17T21:38:25.341061Z"}, {"uuid": "ed5fcc0c-a840-4343-aee7-add3881c6908", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-54456", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "1973a1d9-ecc8-4303-b929-d39db56e5000", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "c933734a-9be8-4142-889e-26e95c752803", "vulnerability": "CVE-2024-54458", "type": "seen", "source": "https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8", "content": "", "creation_timestamp": "2025-12-03T14:14:49.267740Z"}, {"uuid": "0fe3c080-3a43-4c95-9ce2-c95e2f55dc1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54451", "type": "seen", "source": "https://t.me/cvedetector/13797", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54451 - Kurmi Provisioning Suite XSS Locator Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-54451 \nPublished : Dec. 27, 2024, 8:15 p.m. | 26\u00a0minutes ago \nDescription : A cross-site scripting (XSS) vulnerability in the graphicCustomization.do page in Kurmi Provisioning Suite before 7.9.0.38, 7.10.x through 7.10.0.18, and 7.11.x through 7.11.0.15 allows remote attackers (authenticated as system administrators) to inject arbitrary web script or HTML via the COMPONENT_fields(htmlTitle) field, which is rendered in other pages of the application for all users (if the graphical customization has been activated by a super-administrator). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-27T21:52:46.000000Z"}, {"uuid": "6ba764b3-16d5-47dc-9346-c31a228a56e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54455", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1306", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-54455\n\ud83d\udd39 Description: In the Linux kernel, the following vulnerability has been resolved:\n\naccel/ivpu: Fix general protection fault in ivpu_bo_list()\n\nCheck if ctx is not NULL before accessing its fields.\n\ud83d\udccf Published: 2025-01-11T12:35:42.392Z\n\ud83d\udccf Modified: 2025-01-11T12:35:42.392Z\n\ud83d\udd17 References:\n1. https://git.kernel.org/stable/c/a1e597ee5920a6aabdf4dfc3bf76e55e1b115e23\n2. https://git.kernel.org/stable/c/4b2efb9db0c22a130bbd1275e489b42c02d08050", "creation_timestamp": "2025-01-11T13:06:28.000000Z"}, {"uuid": "cbea4561-1076-46a0-b65b-156911757a8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54450", "type": "seen", "source": "https://t.me/cvedetector/13795", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54450 - Kurmi Provisioning Suite Reflected IP Address Spoofing\", \n  \"Content\": \"CVE ID : CVE-2024-54450 \nPublished : Dec. 27, 2024, 8:15 p.m. | 26\u00a0minutes ago \nDescription : An issue was discovered in Kurmi Provisioning Suite 7.9.0.33. If an X-Forwarded-For header is received during authentication, the Kurmi application will record the (possibly forged) IP address mentioned in that header rather than the real IP address that the user logged in from. This fake IP address can later be displayed in the My Account popup that shows the IP address that was used to log in. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-27T21:52:45.000000Z"}, {"uuid": "0fafd0a1-ff3e-42f1-9d2f-a16ac9691e8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54454", "type": "seen", "source": "https://t.me/cvedetector/13800", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54454 - Kurmi Provisioning Suite Observable Response Discrepancy Directory Brute Force\", \n  \"Content\": \"CVE ID : CVE-2024-54454 \nPublished : Dec. 27, 2024, 8:15 p.m. | 26\u00a0minutes ago \nDescription : An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35, 7.10.x through 7.10.0.18, and 7.11.x through 7.11.0.15. An Observable Response Discrepancy vulnerability in the sendPasswordReinitLink action of the unlogged.do page allows remote attackers to test whether a username is valid or not. This allows confirmation of valid usernames. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-27T21:52:52.000000Z"}, {"uuid": "cf28c295-134a-4c81-9fff-ec13e7c9cfca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54453", "type": "seen", "source": "https://t.me/cvedetector/13799", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54453 - Kurmi Provisioning Suite Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-54453 \nPublished : Dec. 27, 2024, 8:15 p.m. | 26\u00a0minutes ago \nDescription : An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35, 7.10.x through 7.10.0.18, and 7.11.x through 7.11.0.15. A path traversal vulnerability in the DocServlet servlet allows remote attackers to retrieve any file from the Kurmi web application installation folder, e.g., files such as the obfuscated and/or compiled Kurmi source code. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-27T21:52:48.000000Z"}, {"uuid": "f2160179-cae5-4519-a6b7-de33e09f2301", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54452", "type": "seen", "source": "https://t.me/cvedetector/13798", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54452 - Kurmi Provisioning Suite Directory Traversal and Local File Inclusion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-54452 \nPublished : Dec. 27, 2024, 8:15 p.m. | 26\u00a0minutes ago \nDescription : An issue was discovered in Kurmi Provisioning Suite before 7.9.0.35 and 7.10.x through 7.10.0.18. A Directory Traversal and Local File Inclusion vulnerability in the logsSys.do page allows remote attackers (authenticated as administrators) to trigger the display of unintended files. Any file accessible to the Kurmi user account could be displayed, e.g., configuration files with information such as the database password. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-27T21:52:47.000000Z"}, {"uuid": "076b817a-a1da-426b-a5ff-01c3901fd4e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-54457", "type": "seen", "source": "https://t.me/cvedetector/13170", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-54457 - \"AEMicro AE1021 Telnet Inclusion Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-54457 \nPublished : Dec. 18, 2024, 7:15 a.m. | 24\u00a0minutes ago \nDescription : Inclusion of undocumented features or chicken bits issue exists in AE1021 firmware versions 2.0.10 and earlier and AE1021PE firmware versions 2.0.10 and earlier, which may allow a logged-in user to enable telnet service. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-18T08:40:31.000000Z"}]}