{"vulnerability": "cve-2024-5673", "sightings": [{"uuid": "3a0b3bde-ee3f-4147-9fc2-93307cee5c70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56732", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113726606513392791", "content": "", "creation_timestamp": "2024-12-27T20:11:40.185407Z"}, {"uuid": "97a624ee-faa5-445c-9de9-0065d7319f27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56732", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lecskrio2g22", "content": "", "creation_timestamp": "2024-12-27T20:15:59.500760Z"}, {"uuid": "e74a7d3e-7639-40e7-9cea-7dfebc6b81d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56737", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113734762345427147", "content": "", "creation_timestamp": "2024-12-29T06:45:48.209556Z"}, {"uuid": "ab8287ec-7393-473c-9b12-25f1b900296a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56738", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113734762360043575", "content": "", "creation_timestamp": "2024-12-29T06:45:48.592176Z"}, {"uuid": "c3004444-d6a1-42a4-a172-d4bcdb269733", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56737", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3leghuvr5u422", "content": "", "creation_timestamp": "2024-12-29T07:15:26.593962Z"}, {"uuid": "2d7bf241-ddf8-499f-a1bb-7f941daa171c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56738", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3leghuy2jjh2m", "content": "", "creation_timestamp": "2024-12-29T07:15:28.731348Z"}, {"uuid": "49367513-afa3-4038-bff3-0ed60f43961b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56730", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113736037616251028", "content": "", "creation_timestamp": "2024-12-29T12:10:07.882929Z"}, {"uuid": "b061d6fb-93e6-4b64-9f97-b8c91cbd193a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56739", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113736037631370752", "content": "", "creation_timestamp": "2024-12-29T12:10:07.961995Z"}, {"uuid": "b16b880b-38a5-4fba-9836-8b3e4fb9731a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56730", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3legynyvzlg25", "content": "", "creation_timestamp": "2024-12-29T12:15:48.715536Z"}, {"uuid": "0bd0921b-24b2-4ef0-bded-03331776ee7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56739", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3legyo33bfo25", "content": "", "creation_timestamp": "2024-12-29T12:15:50.822538Z"}, {"uuid": "87e39fd5-a862-41d1-a20b-f40d059271a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56733", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113742795180540697", "content": "", "creation_timestamp": "2024-12-30T16:48:39.576119Z"}, {"uuid": "b740c989-d9b8-49aa-95bd-1d9fe0cd3e8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56734", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113742892903396443", "content": "", "creation_timestamp": "2024-12-30T17:13:30.832084Z"}, {"uuid": "005e1c71-5614-4db8-a47c-3d49c70f0a54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56731", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lsqetoazms27", "content": "", "creation_timestamp": "2025-06-29T09:40:24.611117Z"}, {"uuid": "147cb5d6-8761-4b28-ba6c-07e0d33c41c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56731", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114774100581117797", "content": "", "creation_timestamp": "2025-06-30T20:03:11.404319Z"}, {"uuid": "8f2295d5-5324-4351-ae38-6396842066fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56738", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lvtq72aqok2l", "content": "", "creation_timestamp": "2025-08-07T21:57:16.666384Z"}, {"uuid": "735d362d-4d7f-4a74-97a3-5a4bd98b69b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56736", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lmwyg7nexd2q", "content": "", "creation_timestamp": "2025-04-16T16:15:35.907393Z"}, {"uuid": "f4e97c3d-a55e-4507-abbf-a7e16d80c54c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56731", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsdfjtqac72s", "content": "", "creation_timestamp": "2025-06-24T05:48:11.189334Z"}, {"uuid": "29deca15-9ac6-4b2d-88c9-173c746f5463", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56734", "type": "seen", "source": "Telegram/Ju4ikepgZXIrBR48ybMuwvZYHxZpoWOINOTmshCuddu4Jw3q", "content": "", "creation_timestamp": "2025-03-02T11:45:37.000000Z"}, {"uuid": "eb4219aa-9e44-4184-9604-2a04ac0f94f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56738", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3lwm2dwipn22w", "content": "", "creation_timestamp": "2025-08-17T14:02:48.016660Z"}, {"uuid": "378a12c4-6158-4731-b1e2-cab01d090023", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56731", "type": "seen", "source": "https://gist.github.com/alon710/b1bbb34e2f8fd6edb93ac300700cdbf5", "content": "", "creation_timestamp": "2026-01-24T21:32:13.000000Z"}, {"uuid": "fec7f0e9-5328-4910-9f99-d038c121013e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56731", "type": "seen", "source": "https://gist.github.com/alon710/9ab620d3826e9242e97ff8b60798dfb8", "content": "", "creation_timestamp": "2026-01-24T22:44:30.000000Z"}, {"uuid": "9bb59a18-2a6c-4ffb-894c-a587aa6fb55b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56739", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-226-07", "content": "", "creation_timestamp": "2025-08-14T10:00:00.000000Z"}, {"uuid": "27499ca2-d85f-4edb-bb37-2c3603702a55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56731", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3menjlmu6k22w", "content": "", "creation_timestamp": "2026-02-12T08:00:54.548285Z"}, {"uuid": "59d09385-c4ca-4604-ba4e-ab70ff36cc7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-56737", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "1824b422-5771-485f-98db-59923817e0f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2024-56738", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "32e417d0-d2c8-4bf8-817d-f3ea48084241", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56731", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19309", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56731\n\ud83d\udd25 CVSS Score: 10 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)\n\ud83d\udd39 Description: Gogs is an open source self-hosted Git service. Prior to version 0.13.3, it's still possible to delete files under the .git directory and achieve remote command execution due to an insufficient patch for CVE-2024-39931. Unprivileged user accounts can execute arbitrary commands on the Gogs instance with the privileges of the account specified by RUN_USER in the configuration. Allowing attackers to access and alter any users' code hosted on the same instance. This issue has been patched in version 0.13.3.\n\ud83d\udccf Published: 2025-06-24T03:37:42.327Z\n\ud83d\udccf Modified: 2025-06-24T03:37:42.327Z\n\ud83d\udd17 References:\n1. https://github.com/gogs/gogs/security/advisories/GHSA-wj44-9vcg-wjq7\n2. https://github.com/gogs/gogs/commit/77a4a945ae9a87f77e392e9066b560edb71b5de9\n3. https://github.com/gogs/gogs/releases/tag/v0.13.3", "creation_timestamp": "2025-06-24T04:48:49.000000Z"}, {"uuid": "67ca3244-9950-40d0-80a1-6d043523b9bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56734", "type": "seen", "source": "https://t.me/cvedetector/18841", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-27143 - Better Auth Open Redirect Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-27143 \nPublished : Feb. 24, 2025, 11:15 p.m. | 1\u00a0hour, 54\u00a0minutes ago \nDescription : Better Auth is an authentication and authorization library for TypeScript. Prior to version 1.1.21, the application is vulnerable to an open redirect due to improper validation of the callbackURL parameter in the email verification endpoint and any other endpoint that accepts callback url. While the server blocks fully qualified URLs, it incorrectly allows scheme-less URLs. This results in the browser interpreting the URL as a fully qualified URL, leading to unintended redirection. An attacker can exploit this flaw by crafting a malicious verification link and tricking users into clicking it. Upon successful email verification, the user will be automatically redirected to the attacker's website, which can be used for phishing, malware distribution, or stealing sensitive authentication tokens. This CVE is a bypass of the fix for GHSA-8jhw-6pjj-8723/CVE-2024-56734. Version 1.1.21 contains an updated patch. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-25T02:19:27.000000Z"}, {"uuid": "3a36242e-113f-4d58-a3b6-57c8b8e75f37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56739", "type": "seen", "source": "https://t.me/cvedetector/13887", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56739 - Linux Kernel Bluetooth: Uninitialized Date/Time Read\", \n  \"Content\": \"CVE ID : CVE-2024-56739 \nPublished : Dec. 29, 2024, 12:15 p.m. | 44\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nrtc: check if __rtc_read_time was successful in rtc_timer_do_work()  \n  \nIf the __rtc_read_time call fails,, the struct rtc_time tm; may contain  \nuninitialized data, or an illegal date/time read from the RTC hardware.  \n  \nWhen calling rtc_tm_to_ktime later, the result may be a very large value  \n(possibly KTIME_MAX). If there are periodic timers in rtc->timerqueue,  \nthey will continually expire, may causing kernel softlockup. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-29T14:02:18.000000Z"}, {"uuid": "e49ea52b-8ddc-4ea7-97b1-243fbe37dd37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56731", "type": "published-proof-of-concept", "source": "Telegram/xYRYp9RnMrs6asvPZWHHQ0msOulfM9P8474m_eOJ4G31k98", "content": "", "creation_timestamp": "2025-06-24T04:32:30.000000Z"}, {"uuid": "8b838953-f4fd-4b1d-b01b-9809f3cac588", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56730", "type": "seen", "source": "https://t.me/cvedetector/13885", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56730 - Linux 9p USBG Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2024-56730 \nPublished : Dec. 29, 2024, 12:15 p.m. | 44\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved:  \n  \nnet/9p/usbg: fix handling of the failed kzalloc() memory allocation  \n  \nOn the linux-next, next-20241108 vanilla kernel, the coccinelle tool gave the  \nfollowing error report:  \n  \n./net/9p/trans_usbg.c:912:5-11: ERROR: allocation function on line 911 returns  \nNULL not ERR_PTR on failure  \n  \nkzalloc() failure is fixed to handle the NULL return case on the memory exhaustion. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-29T14:02:17.000000Z"}, {"uuid": "d2ac980d-35e1-4a00-8336-29bf05e654c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56733", "type": "seen", "source": "https://t.me/cvedetector/13941", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56733 - Password Pusher: Session Cookie Exposure\", \n  \"Content\": \"CVE ID : CVE-2024-56733 \nPublished : Dec. 30, 2024, 5:15 p.m. | 44\u00a0minutes ago \nDescription : Password Pusher is an open source application to communicate sensitive information over the web. A vulnerability has been reported in versions 1.50.3 and prior where an attacker can copy the session cookie before a user logs out, potentially allowing session hijacking. Although the session token is replaced and invalidated upon logout, if an attacker manages to capture the session cookie before this process, they can use the token to gain unauthorized access to the user's session until the token expires or is manually cleared. This vulnerability hinges on the attacker's ability to access the session cookie during an active session, either through a man-in-the-middle attack, by exploiting another vulnerability like XSS, or via direct access to the victim's device. Although there is no direct resolution to this vulnerability, it is recommended to always use the latest version of Password Pusher to best mitigate risk. If self-hosting, ensure Password Pusher is hosted exclusively over SSL connections to encrypt traffic and prevent session cookies from being intercepted in transit. Additionally, implement best practices in local security to safeguard user systems, browsers, and data against unauthorized access. \nSeverity: 5.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-30T19:18:33.000000Z"}, {"uuid": "a6f57d38-0302-45a6-8139-052cdc28c7e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56734", "type": "seen", "source": "https://t.me/cvedetector/13937", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56734 - Better Auth Open Redirect Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56734 \nPublished : Dec. 30, 2024, 5:15 p.m. | 44\u00a0minutes ago \nDescription : Better Auth is an authentication library for TypeScript. An open redirect vulnerability has been identified in the verify email endpoint of all versions of Better Auth prior to v1.1.6, potentially allowing attackers to redirect users to malicious websites. This issue affects users relying on email verification links generated by the library. The verify email callback endpoint accepts a `callbackURL` parameter. Unlike other verification methods, email verification only uses JWT to verify and redirect without proper validation of the target domain. The origin checker is bypassed in this scenario because it only checks for `POST` requests. An attacker can manipulate this parameter to redirect users to arbitrary URLs controlled by the attacker. Version 1.1.6 contains a patch for the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-30T19:18:30.000000Z"}, {"uuid": "161792a0-dfd3-4dd5-a907-ffa81783186a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56738", "type": "seen", "source": "https://t.me/cvedetector/13856", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56738 - GNU GRUB Timing Attack Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56738 \nPublished : Dec. 29, 2024, 7:15 a.m. | 43\u00a0minutes ago \nDescription : GNU GRUB (aka GRUB2) through 2.12 does not use a constant-time algorithm for grub_crypto_memcmp and thus allows side-channel attacks. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-29T09:00:48.000000Z"}, {"uuid": "6337d941-ed75-4c7b-b6e4-a104d5e35d61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56732", "type": "seen", "source": "https://t.me/cvedetector/13801", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56732 - HarfBuzz Heap-Based Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2024-56732 \nPublished : Dec. 27, 2024, 8:15 p.m. | 26\u00a0minutes ago \nDescription : HarfBuzz is a text shaping engine. Starting with 8.5.0 through 10.0.1, there is a heap-based buffer overflow in the hb_cairo_glyphs_from_buffer function. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-27T21:52:53.000000Z"}, {"uuid": "a9b0c1be-da79-43e7-aa74-d72108985802", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56737", "type": "seen", "source": "https://t.me/cvedetector/13855", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56737 - GRUB HFS Heap-Based Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56737 \nPublished : Dec. 29, 2024, 7:15 a.m. | 43\u00a0minutes ago \nDescription : GNU GRUB (aka GRUB2) through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-29T09:00:47.000000Z"}, {"uuid": "f0b87e54-5e1a-401c-b951-a870eb2d912e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56737", "type": "seen", "source": "https://t.me/true_secator/6896", "content": "Microsoft \u0440\u0430\u043f\u043e\u0440\u0442\u0443\u0435\u0442 \u043e\u0431 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u043c \u043e\u043f\u044b\u0442\u0435 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0432\u043e\u0435\u0433\u043e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 Security Copilot \u043d\u0430 \u0431\u0430\u0437\u0435 \u0418\u0418 \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f 20 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0430\u0445 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c GRUB2, U-Boot \u0438 Barebox.\n\nGRUB2 (GRand Unified Bootloader) \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u043e\u043c \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0434\u043b\u044f \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0430 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u043e\u0432 Linux, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Ubuntu, \u0430 U-Boot \u0438 Barebox \u043e\u0431\u044b\u0447\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432\u043e \u0432\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0432\u0435\u0449\u0435\u0439.\n\n11 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043d\u0430\u0448\u043b\u0438 \u0432 GRUB2, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0446\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f (CVE-2025-0677\u00a0- 0678, 0684 - 0686, CVE-2025-1125), \u0447\u0442\u0435\u043d\u0438\u0435 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438 (CVE-2025-0689), \u0437\u0430\u043f\u0438\u0441\u044c \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u043e\u0433\u043e \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d\u0430 (CVE-2025-0690) \u0438 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 (CVE-2024-56737), \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u043a\u043e\u043c\u0430\u043d\u0434 (CVE-2025-1118) \u0438 \u0430\u0442\u0430\u043a\u0443 \u043f\u043e \u043f\u043e\u0431\u043e\u0447\u043d\u043e\u043c\u0443 \u043a\u0430\u043d\u0430\u043b\u0443 (CVE-2024-56738).\n\n\u0412\u0441\u0435\u043c \u0432\u044b\u0448\u0435\u043f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d \u0441\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u0437\u0430 \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435\u043c CVE-2025-0678, \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d \u0432\u044b\u0441\u043e\u043a\u0438\u0439 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS v3.1: 7,8.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0432 U-Boot \u0438 Barebox \u0431\u044b\u043b\u043e \u043d\u0430\u0439\u0434\u0435\u043d\u043e 9 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0439 \u0431\u0443\u0444\u0435\u0440\u0430 \u043f\u0440\u0438 \u0430\u043d\u0430\u043b\u0438\u0437\u0435 SquashFS, EXT4, CramFS, JFFS2 \u0438 \u0441\u0438\u043c\u0432\u043e\u043b\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0441\u0441\u044b\u043b\u043e\u043a, \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0434\u043e\u0441\u0442\u0443\u043f.\n\n\u041d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0441 UEFI Secure Boot \u0438 \u043f\u0440\u0438 \u0441\u043e\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 U-boot \u0438\u043b\u0438 Barebox, \u0441\u043a\u043e\u0440\u0435\u0435 \u0432\u0441\u0435\u0433\u043e, \u043f\u043e\u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c, \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0430\u0442\u0430\u043a\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0431\u0443\u0442\u043a\u0438\u0442\u043e\u0432, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a\u00a0BlackLotus,\u00a0\u0434\u043e\u0441\u0442\u0438\u0433\u0430\u043b\u0438\u0441\u044c \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c \u041f\u041e.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 GRUB2 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 Secure Boot \u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0441\u043a\u0440\u044b\u0442\u044b\u0445 \u0431\u0443\u0442\u043a\u0438\u0442\u043e\u0432 \u0438\u043b\u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043e\u0431\u0445\u043e\u0434\u0430 \u0434\u0440\u0443\u0433\u0438\u0445 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a BitLocker.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c Microsoft, Security Copilot \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0443\u0441\u043a\u043e\u0440\u0438\u043b \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u0438 \u0441\u043b\u043e\u0436\u043d\u043e\u0439 \u043a\u043e\u0434\u043e\u0432\u043e\u0439 \u0431\u0430\u0437\u0435, \u0442\u0430\u043a\u043e\u0439 \u043a\u0430\u043a GRUB2, \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0432 \u0441\u044d\u043a\u043e\u043d\u043e\u043c\u0438\u0442\u044c \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e 1 \u043d\u0435\u0434\u0435\u043b\u044e, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0431\u044b \u0434\u043b\u044f \u0440\u0443\u0447\u043d\u043e\u0433\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0430.\n\n\u0418\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u0418\u0418 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0432\u044b\u044f\u0432\u0438\u043b \u0440\u0430\u043d\u0435\u0435 \u043d\u0435 \u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u043e \u0438 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b \u0446\u0435\u043b\u0435\u0432\u044b\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u0431\u044b \u0441\u043b\u0443\u0436\u0438\u0442\u044c \u043e\u0440\u0438\u0435\u043d\u0442\u0438\u0440\u0430\u043c\u0438 \u0434\u043b\u044f \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0432 \u043f\u0440\u043e\u0435\u043a\u0442\u0430\u0445 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 Security Copilot \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u043e \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c \u0441\u0445\u043e\u0436\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u043f\u0440\u043e\u0435\u043a\u0442\u0430\u0445, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u043e\u0431\u0449\u0438\u0439 \u043a\u043e\u0434 \u0441 GRUB2, \u0432\u043a\u043b\u044e\u0447\u0430\u044f U-boot \u0438 Barebox.\n\nGRUB2, U-boot \u0438 Barebox \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430, \u0442\u0430\u043a \u0447\u0442\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439  \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u0432\u0441\u0435 \u043f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438.", "creation_timestamp": "2025-04-01T13:00:07.000000Z"}, {"uuid": "275608e8-ddaa-40bf-8fcd-4ff22312bfd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56738", "type": "seen", "source": "https://t.me/true_secator/6896", "content": "Microsoft \u0440\u0430\u043f\u043e\u0440\u0442\u0443\u0435\u0442 \u043e\u0431 \u0443\u0441\u043f\u0435\u0448\u043d\u043e\u043c \u043e\u043f\u044b\u0442\u0435 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u0438\u044f \u0441\u0432\u043e\u0435\u0433\u043e \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442\u0430 Security Copilot \u043d\u0430 \u0431\u0430\u0437\u0435 \u0418\u0418 \u0434\u043b\u044f \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f 20 \u0440\u0430\u043d\u0435\u0435 \u043d\u0435\u0438\u0437\u0432\u0435\u0441\u0442\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u0430\u0445 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c GRUB2, U-Boot \u0438 Barebox.\n\nGRUB2 (GRand Unified Bootloader) \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0437\u0430\u0433\u0440\u0443\u0437\u0447\u0438\u043a\u043e\u043c \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0434\u043b\u044f \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0430 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u043e\u0432 Linux, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Ubuntu, \u0430 U-Boot \u0438 Barebox \u043e\u0431\u044b\u0447\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u0432\u043e \u0432\u0441\u0442\u0440\u0430\u0438\u0432\u0430\u0435\u043c\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0438 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u0445 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0430 \u0432\u0435\u0449\u0435\u0439.\n\n11 \u043f\u0440\u043e\u0431\u043b\u0435\u043c \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 \u043d\u0430\u0448\u043b\u0438 \u0432 GRUB2, \u0432\u043a\u043b\u044e\u0447\u0430\u044f \u0446\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f (CVE-2025-0677\u00a0- 0678, 0684 - 0686, CVE-2025-1125), \u0447\u0442\u0435\u043d\u0438\u0435 \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u0439 \u043f\u0430\u043c\u044f\u0442\u0438 (CVE-2025-0689), \u0437\u0430\u043f\u0438\u0441\u044c \u0437\u0430 \u043f\u0440\u0435\u0434\u0435\u043b\u0430\u043c\u0438 \u0434\u043e\u043f\u0443\u0441\u0442\u0438\u043c\u043e\u0433\u043e \u0434\u0438\u0430\u043f\u0430\u0437\u043e\u043d\u0430 (CVE-2025-0690) \u0438 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u0431\u0443\u0444\u0435\u0440\u0430 (CVE-2024-56737), \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438 \u043a\u043e\u043c\u0430\u043d\u0434 (CVE-2025-1118) \u0438 \u0430\u0442\u0430\u043a\u0443 \u043f\u043e \u043f\u043e\u0431\u043e\u0447\u043d\u043e\u043c\u0443 \u043a\u0430\u043d\u0430\u043b\u0443 (CVE-2024-56738).\n\n\u0412\u0441\u0435\u043c \u0432\u044b\u0448\u0435\u043f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d \u0441\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438, \u0437\u0430 \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u0435\u043c CVE-2025-0678, \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043f\u0440\u0438\u0441\u0432\u043e\u0435\u043d \u0432\u044b\u0441\u043e\u043a\u0438\u0439 \u0441 \u043e\u0446\u0435\u043d\u043a\u043e\u0439 CVSS v3.1: 7,8.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0432 U-Boot \u0438 Barebox \u0431\u044b\u043b\u043e \u043d\u0430\u0439\u0434\u0435\u043d\u043e 9 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0439 \u0431\u0443\u0444\u0435\u0440\u0430 \u043f\u0440\u0438 \u0430\u043d\u0430\u043b\u0438\u0437\u0435 SquashFS, EXT4, CramFS, JFFS2 \u0438 \u0441\u0438\u043c\u0432\u043e\u043b\u0438\u0447\u0435\u0441\u043a\u0438\u0445 \u0441\u0441\u044b\u043b\u043e\u043a, \u0434\u043b\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 \u0442\u0440\u0435\u0431\u0443\u0435\u0442\u0441\u044f \u0444\u0438\u0437\u0438\u0447\u0435\u0441\u043a\u0438\u0439 \u0434\u043e\u0441\u0442\u0443\u043f.\n\n\u041d\u0435\u0434\u0430\u0432\u043d\u043e \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0442 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0441 UEFI Secure Boot \u0438 \u043f\u0440\u0438 \u0441\u043e\u0431\u043b\u044e\u0434\u0435\u043d\u0438\u0438 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0445 \u0443\u0441\u043b\u043e\u0432\u0438\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u043e\u0431\u043e\u0439\u0442\u0438 \u0441\u0440\u0435\u0434\u0441\u0442\u0432\u0430 \u0437\u0430\u0449\u0438\u0442\u044b \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434 \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0435.\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 U-boot \u0438\u043b\u0438 Barebox, \u0441\u043a\u043e\u0440\u0435\u0435 \u0432\u0441\u0435\u0433\u043e, \u043f\u043e\u0442\u0440\u0435\u0431\u0443\u0435\u0442 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430\u043c, \u043f\u0440\u0435\u0434\u044b\u0434\u0443\u0449\u0438\u0435 \u0430\u0442\u0430\u043a\u0438 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u0431\u0443\u0442\u043a\u0438\u0442\u043e\u0432, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a\u00a0BlackLotus,\u00a0\u0434\u043e\u0441\u0442\u0438\u0433\u0430\u043b\u0438\u0441\u044c \u043f\u043e\u0441\u0440\u0435\u0434\u0441\u0442\u0432\u043e\u043c \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u043c \u041f\u041e.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u0432 \u0441\u043b\u0443\u0447\u0430\u0435 GRUB2 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 Secure Boot \u0438 \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0438 \u0441\u043a\u0440\u044b\u0442\u044b\u0445 \u0431\u0443\u0442\u043a\u0438\u0442\u043e\u0432 \u0438\u043b\u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0433\u043e \u043e\u0431\u0445\u043e\u0434\u0430 \u0434\u0440\u0443\u0433\u0438\u0445 \u043c\u0435\u0445\u0430\u043d\u0438\u0437\u043c\u043e\u0432 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u0442\u0430\u043a\u0438\u0445 \u043a\u0430\u043a BitLocker.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c Microsoft, Security Copilot \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e \u0443\u0441\u043a\u043e\u0440\u0438\u043b \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0431\u043e\u043b\u044c\u0448\u043e\u0439 \u0438 \u0441\u043b\u043e\u0436\u043d\u043e\u0439 \u043a\u043e\u0434\u043e\u0432\u043e\u0439 \u0431\u0430\u0437\u0435, \u0442\u0430\u043a\u043e\u0439 \u043a\u0430\u043a GRUB2, \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0432 \u0441\u044d\u043a\u043e\u043d\u043e\u043c\u0438\u0442\u044c \u043f\u0440\u0438\u043c\u0435\u0440\u043d\u043e 1 \u043d\u0435\u0434\u0435\u043b\u044e, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043b\u0430\u0441\u044c \u0431\u044b \u0434\u043b\u044f \u0440\u0443\u0447\u043d\u043e\u0433\u043e \u0430\u043d\u0430\u043b\u0438\u0437\u0430.\n\n\u0418\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 \u043d\u0430 \u043e\u0441\u043d\u043e\u0432\u0435 \u0418\u0418 \u043d\u0435 \u0442\u043e\u043b\u044c\u043a\u043e \u0432\u044b\u044f\u0432\u0438\u043b \u0440\u0430\u043d\u0435\u0435 \u043d\u0435 \u0437\u0430\u0434\u043e\u043a\u0443\u043c\u0435\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043d\u043e \u0438 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u0438\u043b \u0446\u0435\u043b\u0435\u0432\u044b\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0438 \u043f\u043e \u0441\u043c\u044f\u0433\u0447\u0435\u043d\u0438\u044e \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0439, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u043b\u0438 \u0431\u044b \u0441\u043b\u0443\u0436\u0438\u0442\u044c \u043e\u0440\u0438\u0435\u043d\u0442\u0438\u0440\u0430\u043c\u0438 \u0434\u043b\u044f \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0439, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0432 \u043f\u0440\u043e\u0435\u043a\u0442\u0430\u0445 \u0441 \u043e\u0442\u043a\u0440\u044b\u0442\u044b\u043c \u0438\u0441\u0445\u043e\u0434\u043d\u044b\u043c \u043a\u043e\u0434\u043e\u043c.\n\n\u041f\u0440\u0438\u0447\u0435\u043c \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u0435 Security Copilot \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u043b\u043e \u0442\u0430\u043a\u0436\u0435 \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u0442\u044c \u0441\u0445\u043e\u0436\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u043f\u0440\u043e\u0435\u043a\u0442\u0430\u0445, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u043e\u0431\u0449\u0438\u0439 \u043a\u043e\u0434 \u0441 GRUB2, \u0432\u043a\u043b\u044e\u0447\u0430\u044f U-boot \u0438 Barebox.\n\nGRUB2, U-boot \u0438 Barebox \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0444\u0435\u0432\u0440\u0430\u043b\u0435 2025 \u0433\u043e\u0434\u0430, \u0442\u0430\u043a \u0447\u0442\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u043e \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u0435\u0440\u0441\u0438\u0439  \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u0435\u0442 \u0432\u0441\u0435 \u043f\u0435\u0440\u0435\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438.", "creation_timestamp": "2025-04-01T13:00:07.000000Z"}]}