New Tweets Addeds

social_media/x/2023/CVE-2023-1389.json

@@ -735,12 +735,40 @@
         "reposts": 1,
         "post": "rt @sicehice: #rce attempts targeting tp-link archer routers #cve-2023-1389 to deliver #mirai\n\n2024-12-25 07:13:04 utc\nsource ip: 154.213.1\u2026",
         "audience": 2736,
-        "audience_total": 2736,
-        "total_reposts": 1,
+        "audience_total": 3164,
+        "total_reposts": 2,
         "post_count": 0,
         "author": "andre gironda",
         "username": "andregironda",
-        "v_score": 0.567596,
+        "v_score": 0.575768,
+        "e_score": 0.06877,
+        "base_score": "8.8",
+        "description": "TP-LINK ARCHER AX21 (AX1800) FIRMWARE VERSIONS BEFORE 1.1.4 BUILD 20230219 CONTAINED A COMMAND INJECTION VULNERABILITY IN THE COUNTRY FORM OF THE /CGI-BIN/LUCI;STOK=/LOCALE ENDPOINT ON THE WEB MANAGEMENT INTERFACE. SPECIFICALLY, THE COUNTRY PARAMETER OF THE WRITE OPERATION WAS NOT SANITIZED BEFORE BEING USED IN A CALL TO POPEN(), ALLOWING AN UNAUTHENTICATED ATTACKER TO INJECT COMMANDS, WHICH WOULD BE RUN AS ROOT, WITH A SIMPLE POST REQUEST.",
+        "last_modified_datetime": "2024-06-27 19:30:00",
+        "published_datetime": "2023-03-15 23:15:00",
+        "vendor_logo": [
+            [
+                "tp-link",
+                null
+            ]
+        ],
+        "profile_url": null,
+        "feed_name": "twitter"
+    },
+    {
+        "cve": "CVE-2023-1389",
+        "created_datetime": "2024-12-26T16:43:39",
+        "author_id": "887353221995474945",
+        "data_id": "1872322393122939120",
+        "reposts": 1,
+        "post": "rt @sicehice: #rce attempts targeting tp-link archer routers #cve-2023-1389 to deliver #mirai\n\n2024-12-25 07:13:04 utc\nsource ip: 154.213.1\u2026",
+        "audience": 428,
+        "audience_total": 3164,
+        "total_reposts": 2,
+        "post_count": 0,
+        "author": "x_kelvin",
+        "username": "254_society_",
+        "v_score": 0.575768,
         "e_score": 0.06877,
         "base_score": "8.8",
         "description": "TP-LINK ARCHER AX21 (AX1800) FIRMWARE VERSIONS BEFORE 1.1.4 BUILD 20230219 CONTAINED A COMMAND INJECTION VULNERABILITY IN THE COUNTRY FORM OF THE /CGI-BIN/LUCI;STOK=/LOCALE ENDPOINT ON THE WEB MANAGEMENT INTERFACE. SPECIFICALLY, THE COUNTRY PARAMETER OF THE WRITE OPERATION WAS NOT SANITIZED BEFORE BEING USED IN A CALL TO POPEN(), ALLOWING AN UNAUTHENTICATED ATTACKER TO INJECT COMMANDS, WHICH WOULD BE RUN AS ROOT, WITH A SIMPLE POST REQUEST.",

social_media/x/2024/CVE-2024-23897.json

@@ -4786,5 +4786,33 @@
         ],
         "profile_url": null,
         "feed_name": "twitter"
+    },
+    {
+        "cve": "CVE-2024-23897",
+        "created_datetime": "2024-12-26T16:50:43",
+        "author_id": "1222812088407674881",
+        "data_id": "1872324173043036666",
+        "reposts": 1,
+        "post": "rt @nachogarciaegea: \ue203\ud83d\udea8 alerta de seguridad: la vulnerabilidad cve-2024-23897 en jenkins permite ejecuci\u00f3n remota de c\u00f3digo (rce), siendo e\u2026",
+        "audience": 8339,
+        "audience_total": 8339,
+        "total_reposts": 1,
+        "post_count": 0,
+        "author": "ciberconsejo",
+        "username": "ciberconsejo",
+        "v_score": 0.978358,
+        "e_score": 0.97296,
+        "base_score": "9.8",
+        "description": "JENKINS 2.441 AND EARLIER, LTS 2.426.2 AND EARLIER DOES NOT DISABLE A FEATURE OF ITS CLI COMMAND PARSER THAT REPLACES AN @ CHARACTER FOLLOWED BY A FILE PATH IN AN ARGUMENT WITH THE FILES CONTENTS, ALLOWING UNAUTHENTICATED ATTACKERS TO READ ARBITRARY FILES ON THE JENKINS CONTROLLER FILE SYSTEM.",
+        "last_modified_datetime": "2024-12-20 17:30:00",
+        "published_datetime": "2024-01-24 18:15:00",
+        "vendor_logo": [
+            [
+                "jenkins",
+                "https://kazepublic.blob.core.windows.net/vendor-logos/data/jenkins/jenkins.png"
+            ]
+        ],
+        "profile_url": null,
+        "feed_name": "twitter"
     }
 ]

social_media/x/2024/CVE-2024-40896.json

@@ -7,8 +7,8 @@
         "reposts": 1,
         "post": "rt @cvenew: cve-2024-40896 in libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the sax parser can produce events for\u2026",
         "audience": 84,
-        "audience_total": 34466,
-        "total_reposts": 6,
+        "audience_total": 36618,
+        "total_reposts": 10,
         "post_count": 1,
         "author": "syahrul akbar r",
         "username": "sahruldotid",
@@ -30,8 +30,8 @@
         "reposts": 0,
         "post": "[2/7] cve-2012-0037 allowed attackers to perform xxe attacks on vulnerable applications that use raptor, an rdf parsing and serializing library, which uses libxml2. xxe attacks may have severe consequences, such as leakage of arbitrary local files from the victim machine and\u2026 https://t.co/oclzgvigyy",
         "audience": 2602,
-        "audience_total": 34466,
-        "total_reposts": 6,
+        "audience_total": 36618,
+        "total_reposts": 10,
         "post_count": 1,
         "author": "jfrog security",
         "username": "jfrogsecurity",
@@ -53,8 +53,8 @@
         "reposts": 1,
         "post": "rt @jfrogsecurity: [1/7] are we experiencing cvss inflation? a vulnerability in libxml2, cve-2024-40896, was published yesterday and given\u2026",
         "audience": 4638,
-        "audience_total": 34466,
-        "total_reposts": 6,
+        "audience_total": 36618,
+        "total_reposts": 10,
         "post_count": 1,
         "author": "douglas mun",
         "username": "douglasmun",
@@ -76,8 +76,8 @@
         "reposts": 1,
         "post": "rt @oss_security: cve-2024-40896 analysis: libxml2 xxe due to type confusion https://t.co/mx424gpiop\ncvss 9.1 (cisa), is regression of cve-\u2026",
         "audience": 13569,
-        "audience_total": 34466,
-        "total_reposts": 6,
+        "audience_total": 36618,
+        "total_reposts": 10,
         "post_count": 1,
         "author": "solar designer",
         "username": "solardiz",
@@ -99,8 +99,8 @@
         "reposts": 1,
         "post": "rt @dinosn: cve-2024-40896 (cvss 9.1): critical xxe vulnerability discovered in libxml2 https://t.co/wltynj91sj",
         "audience": 1,
-        "audience_total": 34466,
-        "total_reposts": 6,
+        "audience_total": 36618,
+        "total_reposts": 10,
         "post_count": 1,
         "author": "f\u00fcgedi zsolt",
         "username": "fugedizs",
@@ -122,8 +122,8 @@
         "reposts": 1,
         "post": "rt @dinosn: cve-2024-40896 (cvss 9.1): critical xxe vulnerability discovered in libxml2 https://t.co/wltynj91sj",
         "audience": 12413,
-        "audience_total": 34466,
-        "total_reposts": 6,
+        "audience_total": 36618,
+        "total_reposts": 10,
         "post_count": 1,
         "author": "securityblog",
         "username": "securityblog",
@@ -145,8 +145,8 @@
         "reposts": 1,
         "post": "rt @dinosn: cve-2024-40896 (cvss 9.1): critical xxe vulnerability discovered in libxml2 https://t.co/wltynj91sj",
         "audience": 1159,
-        "audience_total": 34466,
-        "total_reposts": 6,
+        "audience_total": 36618,
+        "total_reposts": 10,
         "post_count": 1,
         "author": "gram cybersecurity",
         "username": "gramcybersec",
@@ -159,5 +159,97 @@
         "vendor_logo": null,
         "profile_url": null,
         "feed_name": "twitter"
+    },
+    {
+        "cve": "CVE-2024-40896",
+        "created_datetime": "2024-12-26T19:02:26",
+        "author_id": "898197404",
+        "data_id": "1872357318685548568",
+        "reposts": 1,
+        "post": "rt @dinosn: cve-2024-40896 (cvss 9.1): critical xxe vulnerability discovered in libxml2 https://t.co/wltynj91sj",
+        "audience": 61,
+        "audience_total": 36618,
+        "total_reposts": 10,
+        "post_count": 1,
+        "author": "patrick o.",
+        "username": "patrick_othmer",
+        "v_score": 0.322849,
+        "e_score": 0.00043,
+        "base_score": "9.1",
+        "description": "IN LIBXML2 2.11 BEFORE 2.11.9, 2.12 BEFORE 2.12.9, AND 2.13 BEFORE 2.13.3, THE SAX PARSER CAN PRODUCE EVENTS FOR EXTERNAL ENTITIES EVEN IF CUSTOM SAX HANDLERS TRY TO OVERRIDE ENTITY CONTENT (BY SETTING CHECKED). THIS MAKES CLASSIC XXE ATTACKS POSSIBLE.",
+        "last_modified_datetime": "2024-12-24 03:15:00",
+        "published_datetime": "2024-12-23 17:15:00",
+        "vendor_logo": null,
+        "profile_url": null,
+        "feed_name": "twitter"
+    },
+    {
+        "cve": "CVE-2024-40896",
+        "created_datetime": "2024-12-26T15:06:53",
+        "author_id": "1475564733948334080",
+        "data_id": "1872298040633205186",
+        "reposts": 1,
+        "post": "rt @dinosn: cve-2024-40896 (cvss 9.1): critical xxe vulnerability discovered in libxml2 https://t.co/wltynj91sj",
+        "audience": 440,
+        "audience_total": 36618,
+        "total_reposts": 10,
+        "post_count": 1,
+        "author": "skrzsecurity",
+        "username": "skrzsecurity",
+        "v_score": 0.322849,
+        "e_score": 0.00043,
+        "base_score": "9.1",
+        "description": "IN LIBXML2 2.11 BEFORE 2.11.9, 2.12 BEFORE 2.12.9, AND 2.13 BEFORE 2.13.3, THE SAX PARSER CAN PRODUCE EVENTS FOR EXTERNAL ENTITIES EVEN IF CUSTOM SAX HANDLERS TRY TO OVERRIDE ENTITY CONTENT (BY SETTING CHECKED). THIS MAKES CLASSIC XXE ATTACKS POSSIBLE.",
+        "last_modified_datetime": "2024-12-24 03:15:00",
+        "published_datetime": "2024-12-23 17:15:00",
+        "vendor_logo": null,
+        "profile_url": "https://pbs.twimg.com/profile_images/1476261650529337344/4ihQN8-V_normal.jpg",
+        "feed_name": "twitter"
+    },
+    {
+        "cve": "CVE-2024-40896",
+        "created_datetime": "2024-12-26T17:20:27",
+        "author_id": "2699219132",
+        "data_id": "1872331656327213307",
+        "reposts": 1,
+        "post": "rt @dinosn: cve-2024-40896 (cvss 9.1): critical xxe vulnerability discovered in libxml2 https://t.co/wltynj91sj",
+        "audience": 638,
+        "audience_total": 36618,
+        "total_reposts": 10,
+        "post_count": 1,
+        "author": "superfluoussecurity",
+        "username": "superfluoussec",
+        "v_score": 0.322849,
+        "e_score": 0.00043,
+        "base_score": "9.1",
+        "description": "IN LIBXML2 2.11 BEFORE 2.11.9, 2.12 BEFORE 2.12.9, AND 2.13 BEFORE 2.13.3, THE SAX PARSER CAN PRODUCE EVENTS FOR EXTERNAL ENTITIES EVEN IF CUSTOM SAX HANDLERS TRY TO OVERRIDE ENTITY CONTENT (BY SETTING CHECKED). THIS MAKES CLASSIC XXE ATTACKS POSSIBLE.",
+        "last_modified_datetime": "2024-12-24 03:15:00",
+        "published_datetime": "2024-12-23 17:15:00",
+        "vendor_logo": null,
+        "profile_url": null,
+        "feed_name": "twitter"
+    },
+    {
+        "cve": "CVE-2024-40896",
+        "created_datetime": "2024-12-26T18:24:25",
+        "author_id": "156126182",
+        "data_id": "1872347752061165816",
+        "reposts": 1,
+        "post": "rt @dinosn: cve-2024-40896 (cvss 9.1): critical xxe vulnerability discovered in libxml2 https://t.co/wltynj91sj",
+        "audience": 1013,
+        "audience_total": 36618,
+        "total_reposts": 10,
+        "post_count": 1,
+        "author": "wolfgang smith \ud83c\uddfa\ud83c\uddf8 \ud83c\uddfa\ud83c\udde6 \ud83c\uddf5\ud83c\uddf1",
+        "username": "akawombat42",
+        "v_score": 0.322849,
+        "e_score": 0.00043,
+        "base_score": "9.1",
+        "description": "IN LIBXML2 2.11 BEFORE 2.11.9, 2.12 BEFORE 2.12.9, AND 2.13 BEFORE 2.13.3, THE SAX PARSER CAN PRODUCE EVENTS FOR EXTERNAL ENTITIES EVEN IF CUSTOM SAX HANDLERS TRY TO OVERRIDE ENTITY CONTENT (BY SETTING CHECKED). THIS MAKES CLASSIC XXE ATTACKS POSSIBLE.",
+        "last_modified_datetime": "2024-12-24 03:15:00",
+        "published_datetime": "2024-12-23 17:15:00",
+        "vendor_logo": null,
+        "profile_url": "https://pbs.twimg.com/profile_images/1498067342953259010/cezrOVNk_normal.jpg",
+        "feed_name": "twitter"
     }
 ]