diff --git a/social_media/x/2023/CVE-2023-1389.json b/social_media/x/2023/CVE-2023-1389.json index cce9b6fd1..7e21e8c18 100644 --- a/social_media/x/2023/CVE-2023-1389.json +++ b/social_media/x/2023/CVE-2023-1389.json @@ -735,12 +735,40 @@ "reposts": 1, "post": "rt @sicehice: #rce attempts targeting tp-link archer routers #cve-2023-1389 to deliver #mirai\n\n2024-12-25 07:13:04 utc\nsource ip: 154.213.1\u2026", "audience": 2736, - "audience_total": 2736, - "total_reposts": 1, + "audience_total": 3164, + "total_reposts": 2, "post_count": 0, "author": "andre gironda", "username": "andregironda", - "v_score": 0.567596, + "v_score": 0.575768, + "e_score": 0.06877, + "base_score": "8.8", + "description": "TP-LINK ARCHER AX21 (AX1800) FIRMWARE VERSIONS BEFORE 1.1.4 BUILD 20230219 CONTAINED A COMMAND INJECTION VULNERABILITY IN THE COUNTRY FORM OF THE /CGI-BIN/LUCI;STOK=/LOCALE ENDPOINT ON THE WEB MANAGEMENT INTERFACE. SPECIFICALLY, THE COUNTRY PARAMETER OF THE WRITE OPERATION WAS NOT SANITIZED BEFORE BEING USED IN A CALL TO POPEN(), ALLOWING AN UNAUTHENTICATED ATTACKER TO INJECT COMMANDS, WHICH WOULD BE RUN AS ROOT, WITH A SIMPLE POST REQUEST.", + "last_modified_datetime": "2024-06-27 19:30:00", + "published_datetime": "2023-03-15 23:15:00", + "vendor_logo": [ + [ + "tp-link", + null + ] + ], + "profile_url": null, + "feed_name": "twitter" + }, + { + "cve": "CVE-2023-1389", + "created_datetime": "2024-12-26T16:43:39", + "author_id": "887353221995474945", + "data_id": "1872322393122939120", + "reposts": 1, + "post": "rt @sicehice: #rce attempts targeting tp-link archer routers #cve-2023-1389 to deliver #mirai\n\n2024-12-25 07:13:04 utc\nsource ip: 154.213.1\u2026", + "audience": 428, + "audience_total": 3164, + "total_reposts": 2, + "post_count": 0, + "author": "x_kelvin", + "username": "254_society_", + "v_score": 0.575768, "e_score": 0.06877, "base_score": "8.8", "description": "TP-LINK ARCHER AX21 (AX1800) FIRMWARE VERSIONS BEFORE 1.1.4 BUILD 20230219 CONTAINED A COMMAND INJECTION VULNERABILITY IN THE COUNTRY FORM OF THE /CGI-BIN/LUCI;STOK=/LOCALE ENDPOINT ON THE WEB MANAGEMENT INTERFACE. SPECIFICALLY, THE COUNTRY PARAMETER OF THE WRITE OPERATION WAS NOT SANITIZED BEFORE BEING USED IN A CALL TO POPEN(), ALLOWING AN UNAUTHENTICATED ATTACKER TO INJECT COMMANDS, WHICH WOULD BE RUN AS ROOT, WITH A SIMPLE POST REQUEST.", diff --git a/social_media/x/2024/CVE-2024-23897.json b/social_media/x/2024/CVE-2024-23897.json index b55a73af9..c5824e639 100644 --- a/social_media/x/2024/CVE-2024-23897.json +++ b/social_media/x/2024/CVE-2024-23897.json @@ -4786,5 +4786,33 @@ ], "profile_url": null, "feed_name": "twitter" + }, + { + "cve": "CVE-2024-23897", + "created_datetime": "2024-12-26T16:50:43", + "author_id": "1222812088407674881", + "data_id": "1872324173043036666", + "reposts": 1, + "post": "rt @nachogarciaegea: \ue203\ud83d\udea8 alerta de seguridad: la vulnerabilidad cve-2024-23897 en jenkins permite ejecuci\u00f3n remota de c\u00f3digo (rce), siendo e\u2026", + "audience": 8339, + "audience_total": 8339, + "total_reposts": 1, + "post_count": 0, + "author": "ciberconsejo", + "username": "ciberconsejo", + "v_score": 0.978358, + "e_score": 0.97296, + "base_score": "9.8", + "description": "JENKINS 2.441 AND EARLIER, LTS 2.426.2 AND EARLIER DOES NOT DISABLE A FEATURE OF ITS CLI COMMAND PARSER THAT REPLACES AN @ CHARACTER FOLLOWED BY A FILE PATH IN AN ARGUMENT WITH THE FILES CONTENTS, ALLOWING UNAUTHENTICATED ATTACKERS TO READ ARBITRARY FILES ON THE JENKINS CONTROLLER FILE SYSTEM.", + "last_modified_datetime": "2024-12-20 17:30:00", + "published_datetime": "2024-01-24 18:15:00", + "vendor_logo": [ + [ + "jenkins", + "https://kazepublic.blob.core.windows.net/vendor-logos/data/jenkins/jenkins.png" + ] + ], + "profile_url": null, + "feed_name": "twitter" } ] \ No newline at end of file diff --git a/social_media/x/2024/CVE-2024-40896.json b/social_media/x/2024/CVE-2024-40896.json index 59279ad44..1db979cad 100644 --- a/social_media/x/2024/CVE-2024-40896.json +++ b/social_media/x/2024/CVE-2024-40896.json @@ -7,8 +7,8 @@ "reposts": 1, "post": "rt @cvenew: cve-2024-40896 in libxml2 2.11 before 2.11.9, 2.12 before 2.12.9, and 2.13 before 2.13.3, the sax parser can produce events for\u2026", "audience": 84, - "audience_total": 34466, - "total_reposts": 6, + "audience_total": 36618, + "total_reposts": 10, "post_count": 1, "author": "syahrul akbar r", "username": "sahruldotid", @@ -30,8 +30,8 @@ "reposts": 0, "post": "[2/7] cve-2012-0037 allowed attackers to perform xxe attacks on vulnerable applications that use raptor, an rdf parsing and serializing library, which uses libxml2. xxe attacks may have severe consequences, such as leakage of arbitrary local files from the victim machine and\u2026 https://t.co/oclzgvigyy", "audience": 2602, - "audience_total": 34466, - "total_reposts": 6, + "audience_total": 36618, + "total_reposts": 10, "post_count": 1, "author": "jfrog security", "username": "jfrogsecurity", @@ -53,8 +53,8 @@ "reposts": 1, "post": "rt @jfrogsecurity: [1/7] are we experiencing cvss inflation? a vulnerability in libxml2, cve-2024-40896, was published yesterday and given\u2026", "audience": 4638, - "audience_total": 34466, - "total_reposts": 6, + "audience_total": 36618, + "total_reposts": 10, "post_count": 1, "author": "douglas mun", "username": "douglasmun", @@ -76,8 +76,8 @@ "reposts": 1, "post": "rt @oss_security: cve-2024-40896 analysis: libxml2 xxe due to type confusion https://t.co/mx424gpiop\ncvss 9.1 (cisa), is regression of cve-\u2026", "audience": 13569, - "audience_total": 34466, - "total_reposts": 6, + "audience_total": 36618, + "total_reposts": 10, "post_count": 1, "author": "solar designer", "username": "solardiz", @@ -99,8 +99,8 @@ "reposts": 1, "post": "rt @dinosn: cve-2024-40896 (cvss 9.1): critical xxe vulnerability discovered in libxml2 https://t.co/wltynj91sj", "audience": 1, - "audience_total": 34466, - "total_reposts": 6, + "audience_total": 36618, + "total_reposts": 10, "post_count": 1, "author": "f\u00fcgedi zsolt", "username": "fugedizs", @@ -122,8 +122,8 @@ "reposts": 1, "post": "rt @dinosn: cve-2024-40896 (cvss 9.1): critical xxe vulnerability discovered in libxml2 https://t.co/wltynj91sj", "audience": 12413, - "audience_total": 34466, - "total_reposts": 6, + "audience_total": 36618, + "total_reposts": 10, "post_count": 1, "author": "securityblog", "username": "securityblog", @@ -145,8 +145,8 @@ "reposts": 1, "post": "rt @dinosn: cve-2024-40896 (cvss 9.1): critical xxe vulnerability discovered in libxml2 https://t.co/wltynj91sj", "audience": 1159, - "audience_total": 34466, - "total_reposts": 6, + "audience_total": 36618, + "total_reposts": 10, "post_count": 1, "author": "gram cybersecurity", "username": "gramcybersec", @@ -159,5 +159,97 @@ "vendor_logo": null, "profile_url": null, "feed_name": "twitter" + }, + { + "cve": "CVE-2024-40896", + "created_datetime": "2024-12-26T19:02:26", + "author_id": "898197404", + "data_id": "1872357318685548568", + "reposts": 1, + "post": "rt @dinosn: cve-2024-40896 (cvss 9.1): critical xxe vulnerability discovered in libxml2 https://t.co/wltynj91sj", + "audience": 61, + "audience_total": 36618, + "total_reposts": 10, + "post_count": 1, + "author": "patrick o.", + "username": "patrick_othmer", + "v_score": 0.322849, + "e_score": 0.00043, + "base_score": "9.1", + "description": "IN LIBXML2 2.11 BEFORE 2.11.9, 2.12 BEFORE 2.12.9, AND 2.13 BEFORE 2.13.3, THE SAX PARSER CAN PRODUCE EVENTS FOR EXTERNAL ENTITIES EVEN IF CUSTOM SAX HANDLERS TRY TO OVERRIDE ENTITY CONTENT (BY SETTING CHECKED). THIS MAKES CLASSIC XXE ATTACKS POSSIBLE.", + "last_modified_datetime": "2024-12-24 03:15:00", + "published_datetime": "2024-12-23 17:15:00", + "vendor_logo": null, + "profile_url": null, + "feed_name": "twitter" + }, + { + "cve": "CVE-2024-40896", + "created_datetime": "2024-12-26T15:06:53", + "author_id": "1475564733948334080", + "data_id": "1872298040633205186", + "reposts": 1, + "post": "rt @dinosn: cve-2024-40896 (cvss 9.1): critical xxe vulnerability discovered in libxml2 https://t.co/wltynj91sj", + "audience": 440, + "audience_total": 36618, + "total_reposts": 10, + "post_count": 1, + "author": "skrzsecurity", + "username": "skrzsecurity", + "v_score": 0.322849, + "e_score": 0.00043, + "base_score": "9.1", + "description": "IN LIBXML2 2.11 BEFORE 2.11.9, 2.12 BEFORE 2.12.9, AND 2.13 BEFORE 2.13.3, THE SAX PARSER CAN PRODUCE EVENTS FOR EXTERNAL ENTITIES EVEN IF CUSTOM SAX HANDLERS TRY TO OVERRIDE ENTITY CONTENT (BY SETTING CHECKED). THIS MAKES CLASSIC XXE ATTACKS POSSIBLE.", + "last_modified_datetime": "2024-12-24 03:15:00", + "published_datetime": "2024-12-23 17:15:00", + "vendor_logo": null, + "profile_url": "https://pbs.twimg.com/profile_images/1476261650529337344/4ihQN8-V_normal.jpg", + "feed_name": "twitter" + }, + { + "cve": "CVE-2024-40896", + "created_datetime": "2024-12-26T17:20:27", + "author_id": "2699219132", + "data_id": "1872331656327213307", + "reposts": 1, + "post": "rt @dinosn: cve-2024-40896 (cvss 9.1): critical xxe vulnerability discovered in libxml2 https://t.co/wltynj91sj", + "audience": 638, + "audience_total": 36618, + "total_reposts": 10, + "post_count": 1, + "author": "superfluoussecurity", + "username": "superfluoussec", + "v_score": 0.322849, + "e_score": 0.00043, + "base_score": "9.1", + "description": "IN LIBXML2 2.11 BEFORE 2.11.9, 2.12 BEFORE 2.12.9, AND 2.13 BEFORE 2.13.3, THE SAX PARSER CAN PRODUCE EVENTS FOR EXTERNAL ENTITIES EVEN IF CUSTOM SAX HANDLERS TRY TO OVERRIDE ENTITY CONTENT (BY SETTING CHECKED). THIS MAKES CLASSIC XXE ATTACKS POSSIBLE.", + "last_modified_datetime": "2024-12-24 03:15:00", + "published_datetime": "2024-12-23 17:15:00", + "vendor_logo": null, + "profile_url": null, + "feed_name": "twitter" + }, + { + "cve": "CVE-2024-40896", + "created_datetime": "2024-12-26T18:24:25", + "author_id": "156126182", + "data_id": "1872347752061165816", + "reposts": 1, + "post": "rt @dinosn: cve-2024-40896 (cvss 9.1): critical xxe vulnerability discovered in libxml2 https://t.co/wltynj91sj", + "audience": 1013, + "audience_total": 36618, + "total_reposts": 10, + "post_count": 1, + "author": "wolfgang smith \ud83c\uddfa\ud83c\uddf8 \ud83c\uddfa\ud83c\udde6 \ud83c\uddf5\ud83c\uddf1", + "username": "akawombat42", + "v_score": 0.322849, + "e_score": 0.00043, + "base_score": "9.1", + "description": "IN LIBXML2 2.11 BEFORE 2.11.9, 2.12 BEFORE 2.12.9, AND 2.13 BEFORE 2.13.3, THE SAX PARSER CAN PRODUCE EVENTS FOR EXTERNAL ENTITIES EVEN IF CUSTOM SAX HANDLERS TRY TO OVERRIDE ENTITY CONTENT (BY SETTING CHECKED). THIS MAKES CLASSIC XXE ATTACKS POSSIBLE.", + "last_modified_datetime": "2024-12-24 03:15:00", + "published_datetime": "2024-12-23 17:15:00", + "vendor_logo": null, + "profile_url": "https://pbs.twimg.com/profile_images/1498067342953259010/cezrOVNk_normal.jpg", + "feed_name": "twitter" } ] \ No newline at end of file diff --git a/social_media/x/2024/CVE-2024-45387.json b/social_media/x/2024/CVE-2024-45387.json index 1b5f96b86..3a93b740d 100644 --- a/social_media/x/2024/CVE-2024-45387.json +++ b/social_media/x/2024/CVE-2024-45387.json @@ -214,8 +214,8 @@ "reposts": 0, "post": "apache traffic control \u30e6\u30fc\u30b6\u30fc\u306e\u7686\u69d8\u3078 - sql \u30a4\u30f3\u30b8\u30a7\u30af\u30b7\u30e7\u30f3\u306e\u8106\u5f31\u6027 (cve-2024-45387) \u304c\u898b\u3064\u304b\u308a\u307e\u3057\u305f\u3002\u3053\u308c\u306b\u3088\u308a\u3001\u653b\u6483\u8005\u306f\u30c7\u30fc\u30bf\u30d9\u30fc\u30b9\u5185\u3067\u76f4\u63a5\u30b3\u30de\u30f3\u30c9\u3092\u5b9f\u884c\u3067\u304d\u308b\u3088\u3046\u306b\u306a\u308a\u307e\u3059\u3002\u3053\u306e\u8106\u5f31\u6027\u306f\u3001\u7279\u5225\u306b\u7d30\u5de5\u3055\u308c\u305f put \u30ea\u30af\u30a8\u30b9\u30c8\u3092\u9001\u4fe1\u3059\u308b\u3053\u3068\u3067\u7c21\u5358\u306b\u60aa\u7528\u3067\u304d\u307e\u3059\u3002 https://t.co/6zuickl5t6", "audience": 79, - "audience_total": 30621, - "total_reposts": 27, + "audience_total": 38124, + "total_reposts": 29, "post_count": 1, "author": "\u6280\u5de7\uff20\ud83d\udcd8\ud83d\udd8a\u30d6\u30c3\u30af\u30de\u30fc\u30afbot", "username": "gikobookmark", @@ -237,8 +237,8 @@ "reposts": 1, "post": "rt @thehackersnews: \u26a0\ufe0f apache traffic control users\u2014an sql injection flaw (cve-2024-45387) has been found, enabling attackers to execute co\u2026", "audience": 1263, - "audience_total": 30621, - "total_reposts": 27, + "audience_total": 38124, + "total_reposts": 29, "post_count": 1, "author": "xbdm", "username": "xbdmhq", @@ -306,8 +306,8 @@ "reposts": 1, "post": "rt @thehackersnews: \u26a0\ufe0f apache traffic control users\u2014an sql injection flaw (cve-2024-45387) has been found, enabling attackers to execute co\u2026", "audience": 46, - "audience_total": 30621, - "total_reposts": 27, + "audience_total": 38124, + "total_reposts": 29, "post_count": 1, "author": "pep lainez", "username": "peplainez", @@ -329,8 +329,8 @@ "reposts": 1, "post": "rt @thehackersnews: \u26a0\ufe0f apache traffic control users\u2014an sql injection flaw (cve-2024-45387) has been found, enabling attackers to execute co\u2026", "audience": 1711, - "audience_total": 30621, - "total_reposts": 27, + "audience_total": 38124, + "total_reposts": 29, "post_count": 1, "author": "onyema uchechukwu", "username": "uche_nuwe", @@ -352,8 +352,8 @@ "reposts": 1, "post": "rt @thehackersnews: \u26a0\ufe0f apache traffic control users\u2014an sql injection flaw (cve-2024-45387) has been found, enabling attackers to execute co\u2026", "audience": 1559, - "audience_total": 30621, - "total_reposts": 27, + "audience_total": 38124, + "total_reposts": 29, "post_count": 1, "author": "karim jaber", "username": "exfil0", @@ -375,8 +375,8 @@ "reposts": 1, "post": "rt @thehackersnews: \u26a0\ufe0f apache traffic control users\u2014an sql injection flaw (cve-2024-45387) has been found, enabling attackers to execute co\u2026", "audience": 2321, - "audience_total": 30621, - "total_reposts": 27, + "audience_total": 38124, + "total_reposts": 29, "post_count": 1, "author": "the crypto junky", "username": "stickler5577", @@ -398,8 +398,8 @@ "reposts": 1, "post": "rt @thehackersnews: \u26a0\ufe0f apache traffic control users\u2014an sql injection flaw (cve-2024-45387) has been found, enabling attackers to execute co\u2026", "audience": 823, - "audience_total": 30621, - "total_reposts": 27, + "audience_total": 38124, + "total_reposts": 29, "post_count": 1, "author": "contardo", "username": "contardorm", @@ -421,8 +421,8 @@ "reposts": 1, "post": "rt @thehackersnews: \u26a0\ufe0f apache traffic control users\u2014an sql injection flaw (cve-2024-45387) has been found, enabling attackers to execute co\u2026", "audience": 2, - "audience_total": 30621, - "total_reposts": 27, + "audience_total": 38124, + "total_reposts": 29, "post_count": 1, "author": "tedroz", "username": "tedroz190364", @@ -444,8 +444,8 @@ "reposts": 1, "post": "rt @huntermapping: \ud83d\udea8alert\ud83d\udea8cve-2024-45387 (cvss 9.9): critical sql injection vulnerability found in apache traffic control\n\ud83d\udcca 365k+ services\u2026", "audience": 1103, - "audience_total": 30621, - "total_reposts": 27, + "audience_total": 38124, + "total_reposts": 29, "post_count": 1, "author": "mr robot", "username": "zalepentester", @@ -467,8 +467,8 @@ "reposts": 1, "post": "rt @dinosn: cve-2024-45387 (cvss 9.9): critical sql injection vulnerability found in apache traffic control https://t.co/qxvbzyombq", "audience": 106, - "audience_total": 30621, - "total_reposts": 27, + "audience_total": 38124, + "total_reposts": 29, "post_count": 1, "author": "oxdine", "username": "dineshprathi12", @@ -490,8 +490,8 @@ "reposts": 1, "post": "rt @thehackersnews: \u26a0\ufe0f apache traffic control users\u2014an sql injection flaw (cve-2024-45387) has been found, enabling attackers to execute co\u2026", "audience": 3591, - "audience_total": 30621, - "total_reposts": 27, + "audience_total": 38124, + "total_reposts": 29, "post_count": 1, "author": "mikk w clermont", "username": "mikkwallace", @@ -513,8 +513,8 @@ "reposts": 1, "post": "rt @thehackersnews: \u26a0\ufe0f apache traffic control users\u2014an sql injection flaw (cve-2024-45387) has been found, enabling attackers to execute co\u2026", "audience": 5073, - "audience_total": 30621, - "total_reposts": 27, + "audience_total": 38124, + "total_reposts": 29, "post_count": 1, "author": "eddy wu", "username": "wuyuansheng1982", @@ -536,8 +536,8 @@ "reposts": 1, "post": "rt @huntermapping: \ud83d\udea8alert\ud83d\udea8cve-2024-45387 (cvss 9.9): critical sql injection vulnerability found in apache traffic control\n\ud83d\udcca 365k+ services\u2026", "audience": 202, - "audience_total": 30621, - "total_reposts": 27, + "audience_total": 38124, + "total_reposts": 29, "post_count": 1, "author": "patrick", "username": "msfconsole3", @@ -559,8 +559,8 @@ "reposts": 1, "post": "rt @huntermapping: \ud83d\udea8alert\ud83d\udea8cve-2024-45387 (cvss 9.9): critical sql injection vulnerability found in apache traffic control\n\ud83d\udcca 365k+ services\u2026", "audience": 9, - "audience_total": 30621, - "total_reposts": 27, + "audience_total": 38124, + "total_reposts": 29, "post_count": 1, "author": "rahul bhor", "username": "rahulbhor_01", @@ -582,8 +582,8 @@ "reposts": 1, "post": "rt @aufzayed: apache traffic control sql injection poc exploit (cve-2024-45387)\n\nin collaboration with @mohamed_a_r_1\n\npoc link: https://t.\u2026", "audience": 267, - "audience_total": 30621, - "total_reposts": 27, + "audience_total": 38124, + "total_reposts": 29, "post_count": 1, "author": "mohamed abdelhady", "username": "mohamed_a_r_1", @@ -605,8 +605,8 @@ "reposts": 1, "post": "rt @thehackersnews: \u26a0\ufe0f apache traffic control users\u2014an sql injection flaw (cve-2024-45387) has been found, enabling attackers to execute co\u2026", "audience": 10, - "audience_total": 30621, - "total_reposts": 27, + "audience_total": 38124, + "total_reposts": 29, "post_count": 1, "author": "illusi", "username": "illusikan", @@ -628,8 +628,8 @@ "reposts": 1, "post": "rt @thehackersnews: \u26a0\ufe0f apache traffic control users\u2014an sql injection flaw (cve-2024-45387) has been found, enabling attackers to execute co\u2026", "audience": 147, - "audience_total": 30621, - "total_reposts": 27, + "audience_total": 38124, + "total_reposts": 29, "post_count": 1, "author": "daniel l\u00f3pez-c", "username": "dan_lcm", @@ -651,8 +651,8 @@ "reposts": 1, "post": "rt @huntermapping: \ud83d\udea8alert\ud83d\udea8cve-2024-45387 (cvss 9.9): critical sql injection vulnerability found in apache traffic control\n\ud83d\udcca 365k+ services\u2026", "audience": 354, - "audience_total": 30621, - "total_reposts": 27, + "audience_total": 38124, + "total_reposts": 29, "post_count": 1, "author": "rain3r \ud83d\ude0e\ud83d\ude0e\ud83d\ude0e\ud83c\uddec\ud83c\udde7\ud83c\udde6\ud83c\uddf9\ud83c\udde9\ud83c\uddea\ud83c\uddf8\ud83c\uddef", "username": "rainer_sokolov", @@ -665,5 +665,51 @@ "vendor_logo": null, "profile_url": null, "feed_name": "twitter" + }, + { + "cve": "CVE-2024-45387", + "created_datetime": "2024-12-26T14:25:59", + "author_id": "18684422", + "data_id": "1872287749568659512", + "reposts": 1, + "post": "rt @thehackersnews: \u26a0\ufe0f apache traffic control users\u2014an sql injection flaw (cve-2024-45387) has been found, enabling attackers to execute co\u2026", + "audience": 100, + "audience_total": 38124, + "total_reposts": 29, + "post_count": 1, + "author": "valkrider", + "username": "valkrider", + "v_score": 0.502341, + "e_score": null, + "base_score": "9.9", + "description": "AN SQL INJECTION VULNERABILITY IN TRAFFIC OPS IN APACHE TRAFFIC CONTROL <= 8.0.1, >= 8.0.0 ALLOWS A PRIVILEGED USER WITH ROLE ADMIN, FEDERATION, OPERATIONS, PORTAL, OR STEERING TO EXECUTE ARBITRARY SQL AGAINST THE DATABASE BY SENDING A SPECIALLY-CRAFTED PUT REQUEST.\n\nUSERS ARE RECOMMENDED TO UPGRADE TO VERSION APACHE TRAFFIC CONTROL 8.0.2 IF YOU RUN AN AFFECTED VERSION OF TRAFFIC OPS.", + "last_modified_datetime": "2024-12-23 18:15:00", + "published_datetime": "2024-12-23 16:15:00", + "vendor_logo": null, + "profile_url": null, + "feed_name": "twitter" + }, + { + "cve": "CVE-2024-45387", + "created_datetime": "2024-12-26T17:18:24", + "author_id": "1563345061756018688", + "data_id": "1872331137684738116", + "reposts": 1, + "post": "rt @aufzayed: apache traffic control sql injection poc exploit (cve-2024-45387)\n\nin collaboration with @mohamed_a_r_1\n\npoc link: https://t.\u2026", + "audience": 7403, + "audience_total": 38124, + "total_reposts": 29, + "post_count": 1, + "author": "fares walid \ud83c\uddea\ud83c\uddec\ud83c\uddf5\ud83c\uddf8", + "username": "sirbagoza", + "v_score": 0.502341, + "e_score": null, + "base_score": "9.9", + "description": "AN SQL INJECTION VULNERABILITY IN TRAFFIC OPS IN APACHE TRAFFIC CONTROL <= 8.0.1, >= 8.0.0 ALLOWS A PRIVILEGED USER WITH ROLE ADMIN, FEDERATION, OPERATIONS, PORTAL, OR STEERING TO EXECUTE ARBITRARY SQL AGAINST THE DATABASE BY SENDING A SPECIALLY-CRAFTED PUT REQUEST.\n\nUSERS ARE RECOMMENDED TO UPGRADE TO VERSION APACHE TRAFFIC CONTROL 8.0.2 IF YOU RUN AN AFFECTED VERSION OF TRAFFIC OPS.", + "last_modified_datetime": "2024-12-23 18:15:00", + "published_datetime": "2024-12-23 16:15:00", + "vendor_logo": null, + "profile_url": null, + "feed_name": "twitter" } ] \ No newline at end of file diff --git a/social_media/x/2024/CVE-2024-50379.json b/social_media/x/2024/CVE-2024-50379.json index db7fa8620..bdb8fa0cf 100644 --- a/social_media/x/2024/CVE-2024-50379.json +++ b/social_media/x/2024/CVE-2024-50379.json @@ -2284,8 +2284,8 @@ "reposts": 1, "post": "rt @nfujita55a: \u3042\u3063\u3001cve-2024-50379 (tomcat\u3067 defaultservlet \u306e\u8a2d\u5b9a\u3092\u65e2\u5b9a\u5024\u304b\u3089\u5909\u66f4\u3057\u3066 readonly=false \u306b\u3059\u308b\u3068rce\u53ef\u80fd\u3063\u3066\u3084\u3064)\u306epoc\u304c\u51fa\u3066\u3044\u308b\u3002\n\n\u2026\u2026\u306a\u3093\u304b\u8907\u96d1\u305d\u3046\u3060\u308f\n\nhttps://t.co/\u2026", "audience": 1317, - "audience_total": 181785, - "total_reposts": 104, + "audience_total": 183669, + "total_reposts": 110, "post_count": 3, "author": "\u6c5d\u3001\u7ffc\u3092\u4e0e\u3048\u308b\uff20\u3070\u3063\u3066\u3093\u5148\u306b\u7ffc\u3070\u304f\u308c\u3093\u306d \u30a4\u30d9\u30f3\u30c8\u30fb\u30fb\uff08parody\uff09", "username": "ryunosinfx", @@ -2307,8 +2307,8 @@ "reposts": 1, "post": "rt @huntermapping: \ud83c\udd95updates\ud83c\udd95cve-2024-50379/cve-2024-56337 : apache tomcat patches critical rce vulnerability\n\ud83d\udd25exp : https://t.co/xstqckfapt\u2026", "audience": 64, - "audience_total": 181785, - "total_reposts": 104, + "audience_total": 183669, + "total_reposts": 110, "post_count": 3, "author": "shubham mishra", "username": "mishra321shu", @@ -2330,8 +2330,8 @@ "reposts": 0, "post": "cve-2024-50379 \u306f\u3001\u3055\u3089\u306b\u4fee\u6b63\u304c\u5165\u308a\u3001cve-2024-56337 \u304c\u767a\u756a\u3055\u308c\u305f\u3088\u3001\u3068\u3002\ntomcat9\u306f\u3053\u3061\u3089\u306d\u3002\nhttps://t.co/ou3yoqhtyg", "audience": 3302, - "audience_total": 181785, - "total_reposts": 104, + "audience_total": 183669, + "total_reposts": 110, "post_count": 3, "author": "\u3075\u3058\u305f_\ud83d\udc31\u2668\ufe0f\ud83d\udcbb\u96d1\u7528\u4fc2", "username": "nfujita55a", @@ -2353,8 +2353,8 @@ "reposts": 1, "post": "rt @huntermapping: \ud83c\udd95updates\ud83c\udd95cve-2024-50379/cve-2024-56337 : apache tomcat patches critical rce vulnerability\n\ud83d\udd25exp : https://t.co/xstqckfapt\u2026", "audience": 6, - "audience_total": 181785, - "total_reposts": 104, + "audience_total": 183669, + "total_reposts": 110, "post_count": 3, "author": "santosh", "username": "santoshk8468", @@ -2376,8 +2376,8 @@ "reposts": 1, "post": "rt @huntermapping: \ud83c\udd95updates\ud83c\udd95cve-2024-50379/cve-2024-56337 : apache tomcat patches critical rce vulnerability\n\ud83d\udd25exp : https://t.co/xstqckfapt\u2026", "audience": 41, - "audience_total": 181785, - "total_reposts": 104, + "audience_total": 183669, + "total_reposts": 110, "post_count": 3, "author": "abdur rahman alif", "username": "m1ghtguy_", @@ -2399,8 +2399,8 @@ "reposts": 1, "post": "rt @huntermapping: \ud83c\udd95updates\ud83c\udd95cve-2024-50379/cve-2024-56337 : apache tomcat patches critical rce vulnerability\n\ud83d\udd25exp : https://t.co/xstqckfapt\u2026", "audience": 38, - "audience_total": 181785, - "total_reposts": 104, + "audience_total": 183669, + "total_reposts": 110, "post_count": 3, "author": "scurippio", "username": "scurippio", @@ -2422,8 +2422,8 @@ "reposts": 1, "post": "rt @wtf_brut: \u26a1\ufe0fcve-2024-50379/cve-2024-56337 : apache tomcat patches critical rce vulnerability\n\n\ud83d\udd25exploit : https://t.co/qu5xkgvb55\n\n\ud83d\udc47dork\u2026", "audience": 81, - "audience_total": 181785, - "total_reposts": 104, + "audience_total": 183669, + "total_reposts": 110, "post_count": 3, "author": "ecstatic", "username": "shfqshmdn", @@ -2445,8 +2445,8 @@ "reposts": 1, "post": "rt @dinosn: deep dive & poc of cve-2024-50379 exploit tomcat vulnerability (9.8 severity)\nhttps://t.co/ozlvavjjzw", "audience": 64, - "audience_total": 181785, - "total_reposts": 104, + "audience_total": 183669, + "total_reposts": 110, "post_count": 3, "author": "denis", "username": "deniscimen", @@ -2468,8 +2468,8 @@ "reposts": 1, "post": "rt @dinosn: deep dive & poc of cve-2024-50379 exploit tomcat vulnerability (9.8 severity)\nhttps://t.co/ozlvavjjzw", "audience": 1991, - "audience_total": 181785, - "total_reposts": 104, + "audience_total": 183669, + "total_reposts": 110, "post_count": 3, "author": "valentin lobstein \ud83c\udde8\ud83c\uddf5\uea00", "username": "chocapikk_", @@ -2491,8 +2491,8 @@ "reposts": 1, "post": "rt @dinosn: deep dive & poc of cve-2024-50379 exploit tomcat vulnerability (9.8 severity)\nhttps://t.co/ozlvavjjzw", "audience": 7296, - "audience_total": 181785, - "total_reposts": 104, + "audience_total": 183669, + "total_reposts": 110, "post_count": 3, "author": "federico kirschbaum", "username": "fede_k", @@ -2514,8 +2514,8 @@ "reposts": 1, "post": "rt @dinosn: tomcat cve-2024-50379/cve-2024-56337 poc https://t.co/dptzwaryzw", "audience": 4639, - "audience_total": 181785, - "total_reposts": 104, + "audience_total": 183669, + "total_reposts": 110, "post_count": 3, "author": "douglas mun", "username": "douglasmun", @@ -2537,8 +2537,8 @@ "reposts": 1, "post": "rt @dinosn: deep dive & poc of cve-2024-50379 exploit tomcat vulnerability (9.8 severity)\nhttps://t.co/ozlvavjjzw", "audience": 1146, - "audience_total": 181785, - "total_reposts": 104, + "audience_total": 183669, + "total_reposts": 110, "post_count": 3, "author": "\ud809\udc2az.a.p\ud809\udc2a", "username": "zappit3", @@ -2560,8 +2560,8 @@ "reposts": 1, "post": "rt @wtf_brut: \u26a1\ufe0fcve-2024-50379/cve-2024-56337 : apache tomcat patches critical rce vulnerability\n\n\ud83d\udd25exploit : https://t.co/qu5xkgvb55\n\n\ud83d\udc47dork\u2026", "audience": 129, - "audience_total": 181785, - "total_reposts": 104, + "audience_total": 183669, + "total_reposts": 110, "post_count": 3, "author": "z3n", "username": "z3nch4n", @@ -2583,8 +2583,8 @@ "reposts": 1, "post": "rt @dinosn: deep dive & poc of cve-2024-50379 exploit tomcat vulnerability (9.8 severity)\nhttps://t.co/ozlvavjjzw", "audience": 111, - "audience_total": 181785, - "total_reposts": 104, + "audience_total": 183669, + "total_reposts": 110, "post_count": 3, "author": "jaime villagr\u00e1n", "username": "jaime_villagran", @@ -2597,5 +2597,143 @@ "vendor_logo": null, "profile_url": null, "feed_name": "twitter" + }, + { + "cve": "CVE-2024-50379", + "created_datetime": "2024-12-26T16:48:41", + "author_id": "1284668876664512512", + "data_id": "1872323661119820119", + "reposts": 1, + "post": "rt @dinosn: deep dive & poc of cve-2024-50379 exploit tomcat vulnerability (9.8 severity)\nhttps://t.co/ozlvavjjzw", + "audience": 257, + "audience_total": 183669, + "total_reposts": 110, + "post_count": 3, + "author": "thecyberlama", + "username": "thecyberlama", + "v_score": 0.717352, + "e_score": 0.00043, + "base_score": "9.8", + "description": "TIME-OF-CHECK TIME-OF-USE (TOCTOU) RACE CONDITION VULNERABILITY DURING JSP COMPILATION IN APACHE TOMCAT PERMITS AN RCE ON CASE INSENSITIVE FILE SYSTEMS WHEN THE DEFAULT SERVLET IS ENABLED FOR WRITE (NON-DEFAULT CONFIGURATION).\n\nTHIS ISSUE AFFECTS APACHE TOMCAT: FROM 11.0.0-M1 THROUGH 11.0.1, FROM 10.1.0-M1 THROUGH 10.1.33, FROM 9.0.0.M1 THROUGH 9.0.97.\n\nUSERS ARE RECOMMENDED TO UPGRADE TO VERSION 11.0.2, 10.1.34 OR 9.0.98, WHICH FIXES THE ISSUE.", + "last_modified_datetime": "2024-12-19 18:15:00", + "published_datetime": "2024-12-17 13:15:00", + "vendor_logo": null, + "profile_url": null, + "feed_name": "twitter" + }, + { + "cve": "CVE-2024-50379", + "created_datetime": "2024-12-26T18:29:18", + "author_id": "2739161726", + "data_id": "1872348981294137417", + "reposts": 1, + "post": "rt @dinosn: tomcat cve-2024-50379/cve-2024-56337 poc https://t.co/dptzwaryzw", + "audience": 698, + "audience_total": 183669, + "total_reposts": 110, + "post_count": 3, + "author": "sellvamanoj", + "username": "tink2hack", + "v_score": 0.717352, + "e_score": 0.00043, + "base_score": "9.8", + "description": "TIME-OF-CHECK TIME-OF-USE (TOCTOU) RACE CONDITION VULNERABILITY DURING JSP COMPILATION IN APACHE TOMCAT PERMITS AN RCE ON CASE INSENSITIVE FILE SYSTEMS WHEN THE DEFAULT SERVLET IS ENABLED FOR WRITE (NON-DEFAULT CONFIGURATION).\n\nTHIS ISSUE AFFECTS APACHE TOMCAT: FROM 11.0.0-M1 THROUGH 11.0.1, FROM 10.1.0-M1 THROUGH 10.1.33, FROM 9.0.0.M1 THROUGH 9.0.97.\n\nUSERS ARE RECOMMENDED TO UPGRADE TO VERSION 11.0.2, 10.1.34 OR 9.0.98, WHICH FIXES THE ISSUE.", + "last_modified_datetime": "2024-12-19 18:15:00", + "published_datetime": "2024-12-17 13:15:00", + "vendor_logo": null, + "profile_url": "https://pbs.twimg.com/profile_images/1565420198752296960/qNFYvJLF_normal.jpg", + "feed_name": "twitter" + }, + { + "cve": "CVE-2024-50379", + "created_datetime": "2024-12-26T14:29:17", + "author_id": "3990686297", + "data_id": "1872288577822101879", + "reposts": 1, + "post": "rt @dinosn: deep dive & poc of cve-2024-50379 exploit tomcat vulnerability (9.8 severity)\nhttps://t.co/ozlvavjjzw", + "audience": 262, + "audience_total": 183669, + "total_reposts": 110, + "post_count": 3, + "author": "stefan nicula", + "username": "stefan_nicula", + "v_score": 0.717352, + "e_score": 0.00043, + "base_score": "9.8", + "description": "TIME-OF-CHECK TIME-OF-USE (TOCTOU) RACE CONDITION VULNERABILITY DURING JSP COMPILATION IN APACHE TOMCAT PERMITS AN RCE ON CASE INSENSITIVE FILE SYSTEMS WHEN THE DEFAULT SERVLET IS ENABLED FOR WRITE (NON-DEFAULT CONFIGURATION).\n\nTHIS ISSUE AFFECTS APACHE TOMCAT: FROM 11.0.0-M1 THROUGH 11.0.1, FROM 10.1.0-M1 THROUGH 10.1.33, FROM 9.0.0.M1 THROUGH 9.0.97.\n\nUSERS ARE RECOMMENDED TO UPGRADE TO VERSION 11.0.2, 10.1.34 OR 9.0.98, WHICH FIXES THE ISSUE.", + "last_modified_datetime": "2024-12-19 18:15:00", + "published_datetime": "2024-12-17 13:15:00", + "vendor_logo": null, + "profile_url": null, + "feed_name": "twitter" + }, + { + "cve": "CVE-2024-50379", + "created_datetime": "2024-12-26T17:35:53", + "author_id": "2788268246", + "data_id": "1872335540017824179", + "reposts": 1, + "post": "rt @dinosn: deep dive & poc of cve-2024-50379 exploit tomcat vulnerability (9.8 severity)\nhttps://t.co/ozlvavjjzw", + "audience": 400, + "audience_total": 183669, + "total_reposts": 110, + "post_count": 3, + "author": "andre espirito santo", + "username": "aesanto", + "v_score": 0.717352, + "e_score": 0.00043, + "base_score": "9.8", + "description": "TIME-OF-CHECK TIME-OF-USE (TOCTOU) RACE CONDITION VULNERABILITY DURING JSP COMPILATION IN APACHE TOMCAT PERMITS AN RCE ON CASE INSENSITIVE FILE SYSTEMS WHEN THE DEFAULT SERVLET IS ENABLED FOR WRITE (NON-DEFAULT CONFIGURATION).\n\nTHIS ISSUE AFFECTS APACHE TOMCAT: FROM 11.0.0-M1 THROUGH 11.0.1, FROM 10.1.0-M1 THROUGH 10.1.33, FROM 9.0.0.M1 THROUGH 9.0.97.\n\nUSERS ARE RECOMMENDED TO UPGRADE TO VERSION 11.0.2, 10.1.34 OR 9.0.98, WHICH FIXES THE ISSUE.", + "last_modified_datetime": "2024-12-19 18:15:00", + "published_datetime": "2024-12-17 13:15:00", + "vendor_logo": null, + "profile_url": "https://pbs.twimg.com/profile_images/1473689820270575619/v0DY2I2j_normal.jpg", + "feed_name": "twitter" + }, + { + "cve": "CVE-2024-50379", + "created_datetime": "2024-12-26T17:37:50", + "author_id": "1095373986", + "data_id": "1872336029702836699", + "reposts": 1, + "post": "rt @dinosn: deep dive & poc of cve-2024-50379 exploit tomcat vulnerability (9.8 severity)\nhttps://t.co/ozlvavjjzw", + "audience": 194, + "audience_total": 183669, + "total_reposts": 110, + "post_count": 3, + "author": "acrotiger", + "username": "tiger_baldwin", + "v_score": 0.717352, + "e_score": 0.00043, + "base_score": "9.8", + "description": "TIME-OF-CHECK TIME-OF-USE (TOCTOU) RACE CONDITION VULNERABILITY DURING JSP COMPILATION IN APACHE TOMCAT PERMITS AN RCE ON CASE INSENSITIVE FILE SYSTEMS WHEN THE DEFAULT SERVLET IS ENABLED FOR WRITE (NON-DEFAULT CONFIGURATION).\n\nTHIS ISSUE AFFECTS APACHE TOMCAT: FROM 11.0.0-M1 THROUGH 11.0.1, FROM 10.1.0-M1 THROUGH 10.1.33, FROM 9.0.0.M1 THROUGH 9.0.97.\n\nUSERS ARE RECOMMENDED TO UPGRADE TO VERSION 11.0.2, 10.1.34 OR 9.0.98, WHICH FIXES THE ISSUE.", + "last_modified_datetime": "2024-12-19 18:15:00", + "published_datetime": "2024-12-17 13:15:00", + "vendor_logo": null, + "profile_url": "https://pbs.twimg.com/profile_images/1181625327791017984/WQVfwPC9_normal.jpg", + "feed_name": "twitter" + }, + { + "cve": "CVE-2024-50379", + "created_datetime": "2024-12-26T13:43:05", + "author_id": "790229082554400768", + "data_id": "1872276951152345110", + "reposts": 1, + "post": "rt @dinosn: deep dive & poc of cve-2024-50379 exploit tomcat vulnerability (9.8 severity)\nhttps://t.co/ozlvavjjzw", + "audience": 73, + "audience_total": 183669, + "total_reposts": 110, + "post_count": 3, + "author": "4str0boy_", + "username": "4str0boy_", + "v_score": 0.717352, + "e_score": 0.00043, + "base_score": "9.8", + "description": "TIME-OF-CHECK TIME-OF-USE (TOCTOU) RACE CONDITION VULNERABILITY DURING JSP COMPILATION IN APACHE TOMCAT PERMITS AN RCE ON CASE INSENSITIVE FILE SYSTEMS WHEN THE DEFAULT SERVLET IS ENABLED FOR WRITE (NON-DEFAULT CONFIGURATION).\n\nTHIS ISSUE AFFECTS APACHE TOMCAT: FROM 11.0.0-M1 THROUGH 11.0.1, FROM 10.1.0-M1 THROUGH 10.1.33, FROM 9.0.0.M1 THROUGH 9.0.97.\n\nUSERS ARE RECOMMENDED TO UPGRADE TO VERSION 11.0.2, 10.1.34 OR 9.0.98, WHICH FIXES THE ISSUE.", + "last_modified_datetime": "2024-12-19 18:15:00", + "published_datetime": "2024-12-17 13:15:00", + "vendor_logo": null, + "profile_url": null, + "feed_name": "twitter" } ] \ No newline at end of file diff --git a/social_media/x/2024/CVE-2024-51482.json b/social_media/x/2024/CVE-2024-51482.json index 0240f1f7a..61ada11fe 100644 --- a/social_media/x/2024/CVE-2024-51482.json +++ b/social_media/x/2024/CVE-2024-51482.json @@ -297,5 +297,28 @@ "vendor_logo": null, "profile_url": null, "feed_name": "twitter" + }, + { + "cve": "CVE-2024-51482", + "created_datetime": "2024-12-26T10:41:40", + "author_id": "T2_DCX75ISA", + "data_id": "1HMLWW3", + "reposts": 2, + "post": "security", + "audience": 90, + "audience_total": 90, + "total_reposts": 2, + "post_count": 1, + "author": "er999999", + "username": "t3_1hmlww3", + "v_score": 0.332656, + "e_score": 0.00043, + "base_score": "9.9", + "description": "ZONEMINDER IS A FREE, OPEN SOURCE CLOSED-CIRCUIT TELEVISION SOFTWARE APPLICATION. ZONEMINDER V1.37.* <= 1.37.64 IS VULNERABLE TO BOOLEAN-BASED SQL INJECTION IN FUNCTION OF WEB/AJAX/EVENT.PHP. THIS IS FIXED IN 1.37.65.", + "last_modified_datetime": "2024-11-05 14:15:00", + "published_datetime": "2024-10-31 18:15:00", + "vendor_logo": null, + "profile_url": null, + "feed_name": "reddit" } ] \ No newline at end of file diff --git a/social_media/x/2024/CVE-2024-9122.json b/social_media/x/2024/CVE-2024-9122.json index 579f1f8a3..0c110040b 100644 --- a/social_media/x/2024/CVE-2024-9122.json +++ b/social_media/x/2024/CVE-2024-9122.json @@ -7,8 +7,8 @@ "reposts": 0, "post": "(cve-2024-9122)[365802567][$55000][wasm]wasm type confusion due to imported tag signature subtyping is now open with poc and exploit(pops calc from a '--no-sandbox' renderer):\nhttps://t.co/0bh4zefgxl\n\n@0x10n https://t.co/i7fn4wkyva https://t.co/qtkdktwl8f", "audience": 2812, - "audience_total": 24036, - "total_reposts": 7, + "audience_total": 46846, + "total_reposts": 9, "post_count": 1, "author": "xvonfers", "username": "xvonfers", @@ -30,8 +30,8 @@ "reposts": 1, "post": "rt @xvonfers: (cve-2024-9122)[365802567][$55000][wasm]wasm type confusion due to imported tag signature subtyping is now open with poc and\u2026", "audience": 7, - "audience_total": 24036, - "total_reposts": 7, + "audience_total": 46846, + "total_reposts": 9, "post_count": 1, "author": "soutag", "username": "soutagx86", @@ -53,8 +53,8 @@ "reposts": 1, "post": "rt @xvonfers: (cve-2024-9122)[365802567][$55000][wasm]wasm type confusion due to imported tag signature subtyping is now open with poc and\u2026", "audience": 31, - "audience_total": 24036, - "total_reposts": 7, + "audience_total": 46846, + "total_reposts": 9, "post_count": 1, "author": "oox80", "username": "ox80o36326", @@ -76,8 +76,8 @@ "reposts": 1, "post": "rt @xvonfers: (cve-2024-9122)[365802567][$55000][wasm]wasm type confusion due to imported tag signature subtyping is now open with poc and\u2026", "audience": 18599, - "audience_total": 24036, - "total_reposts": 7, + "audience_total": 46846, + "total_reposts": 9, "post_count": 1, "author": "kmkz", "username": "kmkz_security", @@ -99,8 +99,8 @@ "reposts": 1, "post": "rt @xvonfers: (cve-2024-9122)[365802567][$55000][wasm]wasm type confusion due to imported tag signature subtyping is now open with poc and\u2026", "audience": 428, - "audience_total": 24036, - "total_reposts": 7, + "audience_total": 46846, + "total_reposts": 9, "post_count": 1, "author": "x_kelvin", "username": "254_society_", @@ -122,8 +122,8 @@ "reposts": 1, "post": "rt @xvonfers: (cve-2024-9122)[365802567][$55000][wasm]wasm type confusion due to imported tag signature subtyping is now open with poc and\u2026", "audience": 1, - "audience_total": 24036, - "total_reposts": 7, + "audience_total": 46846, + "total_reposts": 9, "post_count": 1, "author": "mateus", "username": "mateus1415357", @@ -145,8 +145,8 @@ "reposts": 1, "post": "rt @xvonfers: (cve-2024-9122)[365802567][$55000][wasm]wasm type confusion due to imported tag signature subtyping is now open with poc and\u2026", "audience": 24, - "audience_total": 24036, - "total_reposts": 7, + "audience_total": 46846, + "total_reposts": 9, "post_count": 1, "author": "shawn", "username": "shawnabcd", @@ -168,8 +168,8 @@ "reposts": 1, "post": "rt @xvonfers: (cve-2024-9122)[365802567][$55000][wasm]wasm type confusion due to imported tag signature subtyping is now open with poc and\u2026", "audience": 2134, - "audience_total": 24036, - "total_reposts": 7, + "audience_total": 46846, + "total_reposts": 9, "post_count": 1, "author": "ethical hacker", "username": "offethhacker", @@ -182,5 +182,51 @@ "vendor_logo": null, "profile_url": null, "feed_name": "twitter" + }, + { + "cve": "CVE-2024-9122", + "created_datetime": "2024-12-26T16:44:31", + "author_id": "1116874982401953792", + "data_id": "1872322612610929003", + "reposts": 1, + "post": "rt @xvonfers: (cve-2024-9122)[365802567][$55000][wasm]wasm type confusion due to imported tag signature subtyping is now open with poc and\u2026", + "audience": 13, + "audience_total": 46846, + "total_reposts": 9, + "post_count": 1, + "author": "--", + "username": "abcde23535093", + "v_score": 0.486365, + "e_score": 0.00043, + "base_score": "8.8", + "description": "TYPE CONFUSION IN V8 IN GOOGLE CHROME PRIOR TO 129.0.6668.70 ALLOWED A REMOTE ATTACKER TO PERFORM OUT OF BOUNDS MEMORY ACCESS VIA A CRAFTED HTML PAGE. (CHROMIUM SECURITY SEVERITY: HIGH)", + "last_modified_datetime": "2024-09-26 13:32:00", + "published_datetime": "2024-09-25 01:15:00", + "vendor_logo": null, + "profile_url": null, + "feed_name": "twitter" + }, + { + "cve": "CVE-2024-9122", + "created_datetime": "2024-12-26T16:39:25", + "author_id": "2332293343", + "data_id": "1872321328935801058", + "reposts": 1, + "post": "rt @xvonfers: (cve-2024-9122)[365802567][$55000][wasm]wasm type confusion due to imported tag signature subtyping is now open with poc and\u2026", + "audience": 22797, + "audience_total": 46846, + "total_reposts": 9, + "post_count": 1, + "author": "stephen sims", + "username": "steph3nsims", + "v_score": 0.486365, + "e_score": 0.00043, + "base_score": "8.8", + "description": "TYPE CONFUSION IN V8 IN GOOGLE CHROME PRIOR TO 129.0.6668.70 ALLOWED A REMOTE ATTACKER TO PERFORM OUT OF BOUNDS MEMORY ACCESS VIA A CRAFTED HTML PAGE. (CHROMIUM SECURITY SEVERITY: HIGH)", + "last_modified_datetime": "2024-09-26 13:32:00", + "published_datetime": "2024-09-25 01:15:00", + "vendor_logo": null, + "profile_url": null, + "feed_name": "twitter" } ] \ No newline at end of file diff --git a/social_media/x/2024/CVE-2024-9474.json b/social_media/x/2024/CVE-2024-9474.json index 817cb7d14..82a8255b3 100644 --- a/social_media/x/2024/CVE-2024-9474.json +++ b/social_media/x/2024/CVE-2024-9474.json @@ -170,8 +170,8 @@ "reposts": 1, "post": "rt @dinosn: cve-2024-9474 exploited: littlelamb.wooltea backdoor discovered in palo alto devices https://t.co/bumhl3sema", "audience": 58, - "audience_total": 194655, - "total_reposts": 21, + "audience_total": 195163, + "total_reposts": 23, "post_count": 1, "author": "melo brandon", "username": "melobrando41811", @@ -198,8 +198,8 @@ "reposts": 1, "post": "rt @the_yellow_fall: cve-2024-9474 exploited: littlelamb.wooltea backdoor discovered in palo alto devices\n\nlearn about the stealthy operati\u2026", "audience": 2736, - "audience_total": 194655, - "total_reposts": 21, + "audience_total": 195163, + "total_reposts": 23, "post_count": 1, "author": "andre gironda", "username": "andregironda", @@ -226,8 +226,8 @@ "reposts": 1, "post": "rt @dinosn: cve-2024-9474 exploited: littlelamb.wooltea backdoor discovered in palo alto devices https://t.co/bumhl3sema", "audience": 658, - "audience_total": 194655, - "total_reposts": 21, + "audience_total": 195163, + "total_reposts": 23, "post_count": 1, "author": "miguel angel blanco", "username": "linuxmil", @@ -254,8 +254,8 @@ "reposts": 1, "post": "rt @dinosn: cve-2024-9474 exploited: littlelamb.wooltea backdoor discovered in palo alto devices https://t.co/bumhl3sema", "audience": 43856, - "audience_total": 194655, - "total_reposts": 21, + "audience_total": 195163, + "total_reposts": 23, "post_count": 1, "author": "oihec hackers", "username": "hackersoihec", @@ -282,8 +282,8 @@ "reposts": 1, "post": "rt @dinosn: cve-2024-9474 exploited: littlelamb.wooltea backdoor discovered in palo alto devices https://t.co/bumhl3sema", "audience": 7, - "audience_total": 194655, - "total_reposts": 21, + "audience_total": 195163, + "total_reposts": 23, "post_count": 1, "author": "mangrove13", "username": "mangrove3331", @@ -310,8 +310,8 @@ "reposts": 1, "post": "rt @dinosn: cve-2024-9474 exploited: littlelamb.wooltea backdoor discovered in palo alto devices https://t.co/bumhl3sema", "audience": 14, - "audience_total": 194655, - "total_reposts": 21, + "audience_total": 195163, + "total_reposts": 23, "post_count": 1, "author": "luis gavilanes", "username": "luisgav35640542", @@ -338,8 +338,8 @@ "reposts": 1, "post": "rt @dinosn: cve-2024-9474 exploited: littlelamb.wooltea backdoor discovered in palo alto devices https://t.co/bumhl3sema", "audience": 2488, - "audience_total": 194655, - "total_reposts": 21, + "audience_total": 195163, + "total_reposts": 23, "post_count": 1, "author": "g\u00fcnter born", "username": "etguenni", @@ -366,8 +366,8 @@ "reposts": 1, "post": "rt @dinosn: cve-2024-9474 exploited: littlelamb.wooltea backdoor discovered in palo alto devices https://t.co/bumhl3sema", "audience": 120, - "audience_total": 194655, - "total_reposts": 21, + "audience_total": 195163, + "total_reposts": 23, "post_count": 1, "author": "frajico", "username": "frajico", @@ -394,8 +394,8 @@ "reposts": 1, "post": "rt @dinosn: cve-2024-9474 exploited: littlelamb.wooltea backdoor discovered in palo alto devices https://t.co/bumhl3sema", "audience": 112, - "audience_total": 194655, - "total_reposts": 21, + "audience_total": 195163, + "total_reposts": 23, "post_count": 1, "author": "austen", "username": "austen_s550_hax", @@ -422,8 +422,8 @@ "reposts": 1, "post": "rt @dinosn: cve-2024-9474 exploited: littlelamb.wooltea backdoor discovered in palo alto devices https://t.co/bumhl3sema", "audience": 65, - "audience_total": 194655, - "total_reposts": 21, + "audience_total": 195163, + "total_reposts": 23, "post_count": 1, "author": "riaz badshah", "username": "riazmian0333", @@ -450,8 +450,8 @@ "reposts": 1, "post": "rt @dinosn: cve-2024-9474 exploited: littlelamb.wooltea backdoor discovered in palo alto devices https://t.co/bumhl3sema", "audience": 54, - "audience_total": 194655, - "total_reposts": 21, + "audience_total": 195163, + "total_reposts": 23, "post_count": 1, "author": "halle berry", "username": "hallebe22292567", @@ -478,8 +478,8 @@ "reposts": 1, "post": "rt @dinosn: cve-2024-9474 exploited: littlelamb.wooltea backdoor discovered in palo alto devices https://t.co/bumhl3sema", "audience": 814, - "audience_total": 194655, - "total_reposts": 21, + "audience_total": 195163, + "total_reposts": 23, "post_count": 1, "author": "manny m. (vicente traditor mancebo) \ud83d\udc80", "username": "sargexd", @@ -534,8 +534,8 @@ "reposts": 1, "post": "rt @dinosn: cve-2024-9474 exploited: littlelamb.wooltea backdoor discovered in palo alto devices https://t.co/bumhl3sema", "audience": 128313, - "audience_total": 194655, - "total_reposts": 21, + "audience_total": 195163, + "total_reposts": 23, "post_count": 1, "author": "thaddeus e. grugq", "username": "thegrugq", @@ -562,8 +562,8 @@ "reposts": 1, "post": "rt @dinosn: cve-2024-9474 exploited: littlelamb.wooltea backdoor discovered in palo alto devices https://t.co/bumhl3sema", "audience": 1844, - "audience_total": 194655, - "total_reposts": 21, + "audience_total": 195163, + "total_reposts": 23, "post_count": 1, "author": "lu", "username": "1lufad", @@ -590,8 +590,8 @@ "reposts": 1, "post": "rt @zoomeye_team: \ud83d\udea8\ud83d\udea8cve-2024-9474 exploited: littlelamb.wooltea backdoor discovered in palo alto devices\n\u26a0attackers exploited cve-2024-9474\u2026", "audience": 1161, - "audience_total": 194655, - "total_reposts": 21, + "audience_total": 195163, + "total_reposts": 23, "post_count": 1, "author": "ipvision", "username": "ipvision_ve", @@ -618,8 +618,8 @@ "reposts": 1, "post": "rt @dinosn: cve-2024-9474 exploited: littlelamb.wooltea backdoor discovered in palo alto devices https://t.co/bumhl3sema", "audience": 3978, - "audience_total": 194655, - "total_reposts": 21, + "audience_total": 195163, + "total_reposts": 23, "post_count": 1, "author": "\ua9c1\u2022\u22b9\u066d\ud835\ude8a\ud835\ude8d\ud835\ude91\ud835\ude8d\ud835\udea0\ud835\ude98\ud835\ude97\ud835\ude8d\ud835\ude8e\ud835\ude9b\ud835\udea0\ud835\ude98\ud835\ude96\ud835\ude8a\ud835\ude97\u066d\u22b9\u2022\ua9c2", "username": "adhdwonderwoman", @@ -646,8 +646,8 @@ "reposts": 1, "post": "rt @dinosn: cve-2024-9474 exploited: littlelamb.wooltea backdoor discovered in palo alto devices https://t.co/bumhl3sema", "audience": 5, - "audience_total": 194655, - "total_reposts": 21, + "audience_total": 195163, + "total_reposts": 23, "post_count": 1, "author": "json bourne again shell", "username": "iegenderi", @@ -674,8 +674,8 @@ "reposts": 1, "post": "rt @dinosn: cve-2024-9474 exploited: littlelamb.wooltea backdoor discovered in palo alto devices https://t.co/bumhl3sema", "audience": 8338, - "audience_total": 194655, - "total_reposts": 21, + "audience_total": 195163, + "total_reposts": 23, "post_count": 1, "author": "ciberconsejo", "username": "ciberconsejo", @@ -693,5 +693,61 @@ ], "profile_url": null, "feed_name": "twitter" + }, + { + "cve": "CVE-2024-9474", + "created_datetime": "2024-12-26T17:02:21", + "author_id": "1355616124461842432", + "data_id": "1872327100084129815", + "reposts": 1, + "post": "rt @dinosn: cve-2024-9474 exploited: littlelamb.wooltea backdoor discovered in palo alto devices https://t.co/bumhl3sema", + "audience": 237, + "audience_total": 195163, + "total_reposts": 23, + "post_count": 1, + "author": "art&fact", + "username": "artfact10", + "v_score": 0.762956, + "e_score": 0.97519, + "base_score": "7.2", + "description": "A PRIVILEGE ESCALATION VULNERABILITY IN PALO ALTO NETWORKS PAN-OS SOFTWARE ALLOWS A PAN-OS ADMINISTRATOR WITH ACCESS TO THE MANAGEMENT WEB INTERFACE TO PERFORM ACTIONS ON THE FIREWALL WITH ROOT PRIVILEGES.\n\nCLOUD NGFW AND PRISMA ACCESS ARE NOT IMPACTED BY THIS VULNERABILITY.", + "last_modified_datetime": "2024-12-20 16:49:00", + "published_datetime": "2024-11-18 16:15:00", + "vendor_logo": [ + [ + "paloaltonetworks", + null + ] + ], + "profile_url": null, + "feed_name": "twitter" + }, + { + "cve": "CVE-2024-9474", + "created_datetime": "2024-12-26T16:05:15", + "author_id": "1718618861933588480", + "data_id": "1872312728737763509", + "reposts": 1, + "post": "rt @dinosn: cve-2024-9474 exploited: littlelamb.wooltea backdoor discovered in palo alto devices https://t.co/bumhl3sema", + "audience": 271, + "audience_total": 195163, + "total_reposts": 23, + "post_count": 1, + "author": "umua mua", + "username": "4constellation", + "v_score": 0.762956, + "e_score": 0.97519, + "base_score": "7.2", + "description": "A PRIVILEGE ESCALATION VULNERABILITY IN PALO ALTO NETWORKS PAN-OS SOFTWARE ALLOWS A PAN-OS ADMINISTRATOR WITH ACCESS TO THE MANAGEMENT WEB INTERFACE TO PERFORM ACTIONS ON THE FIREWALL WITH ROOT PRIVILEGES.\n\nCLOUD NGFW AND PRISMA ACCESS ARE NOT IMPACTED BY THIS VULNERABILITY.", + "last_modified_datetime": "2024-12-20 16:49:00", + "published_datetime": "2024-11-18 16:15:00", + "vendor_logo": [ + [ + "paloaltonetworks", + null + ] + ], + "profile_url": null, + "feed_name": "twitter" } ] \ No newline at end of file diff --git a/social_media/x/tweet_cves_resumo.csv b/social_media/x/tweet_cves_resumo.csv index 1468bb48c..9b1ab53ce 100644 --- a/social_media/x/tweet_cves_resumo.csv +++ b/social_media/x/tweet_cves_resumo.csv @@ -343,7 +343,7 @@ CVE-2023-0266,2449,4,2024-03-10T20:07:51 CVE-2023-0297,304,1,2024-03-26T16:52:18 CVE-2023-0461,38,9,2024-02-18T14:19:57 CVE-2023-1289,328,8,2024-10-14T14:37:07 -CVE-2023-1389,2736,27,2024-12-25T22:23:28 +CVE-2023-1389,3164,28,2024-12-26T16:43:39 CVE-2023-1829,3566,7,2024-02-26T04:38:38 CVE-2023-1874,2569,3,2024-09-30T19:55:43 CVE-2023-20093,70,1,2024-11-15T17:07:06 @@ -1127,7 +1127,7 @@ CVE-2024-23774,318,1,2024-04-24T15:09:25 CVE-2024-23780,3471,2,2024-03-08T11:00:15 CVE-2024-23832,42911,40,2024-02-21T00:17:24 CVE-2024-2389,1560,26,2024-07-03T19:38:42 -CVE-2024-23897,1839,171,2024-09-30T04:25:38 +CVE-2024-23897,8339,172,2024-12-26T16:50:43 CVE-2024-23917,52532,43,2024-05-30T04:56:16 CVE-2024-23923,112,1,2024-06-25T14:18:06 CVE-2024-23929,3325,1,2024-08-02T06:32:44 @@ -1748,7 +1748,7 @@ CVE-2024-40815,941,4,2024-11-03T17:47:15 CVE-2024-40834,4254,1,2024-12-07T04:58:33 CVE-2024-40841,5292,1,2024-10-03T11:55:26 CVE-2024-40865,434,2,2024-09-15T00:37:41 -CVE-2024-40896,34466,7,2024-12-26T12:50:48 +CVE-2024-40896,36618,11,2024-12-26T19:02:26 CVE-2024-40897,3542,1,2024-08-06T08:57:25 CVE-2024-41003,26264,17,2024-10-18T06:36:49 CVE-2024-41107,9408,8,2024-07-25T18:39:54 @@ -1888,7 +1888,7 @@ CVE-2024-45315,375,1,2024-10-13T22:06:09 CVE-2024-45316,66,1,2024-10-12T08:33:35 CVE-2024-45321,245,2,2024-12-05T20:41:20 CVE-2024-45337,3520,4,2024-12-25T01:03:25 -CVE-2024-45387,30621,29,2024-12-26T12:52:38 +CVE-2024-45387,38124,31,2024-12-26T17:18:24 CVE-2024-45388,216,2,2024-12-06T03:48:00 CVE-2024-45396,66,1,2024-10-12T08:33:52 CVE-2024-45409,24,156,2024-12-25T06:40:06 @@ -2018,7 +2018,7 @@ CVE-2024-5035,732,3,2024-05-28T17:43:28 CVE-2024-50354,5835,4,2024-11-18T15:38:00 CVE-2024-5037,13,1,2024-06-08T20:18:55 CVE-2024-50370,2708,3,2024-11-29T23:15:31 -CVE-2024-50379,181785,113,2024-12-26T13:40:02 +CVE-2024-50379,183669,119,2024-12-26T18:29:18 CVE-2024-50498,44352,5,2024-11-19T12:09:16 CVE-2024-50526,45690,8,2024-11-22T22:32:15 CVE-2024-50550,2149,11,2024-11-15T07:35:06 @@ -2031,7 +2031,7 @@ CVE-2024-51378,237330,32,2024-12-17T06:08:28 CVE-2024-51466,540,3,2024-12-23T15:06:02 CVE-2024-51479,141,8,2024-12-23T08:44:17 CVE-2024-5148,967,8,2024-06-05T06:01:56 -CVE-2024-51482,44648,13,2024-11-08T20:14:45 +CVE-2024-51482,90,14,2024-12-26T10:41:40 CVE-2024-51503,2547,6,2024-11-20T19:06:35 CVE-2024-51504,34721,4,2024-11-08T23:53:41 CVE-2024-51567,6004,3,2024-11-08T17:51:05 @@ -2275,7 +2275,7 @@ CVE-2024-9014,22543,6,2024-09-27T08:48:40 CVE-2024-9026,266,1,2024-09-30T12:48:13 CVE-2024-9065,1168,1,2024-12-20T13:27:20 CVE-2024-9121,47085,5,2024-12-24T01:16:45 -CVE-2024-9122,24036,8,2024-12-26T04:32:33 +CVE-2024-9122,46846,10,2024-12-26T16:44:31 CVE-2024-9137,3538,1,2024-10-23T01:29:56 CVE-2024-9143,25188,16,2024-11-22T16:22:05 CVE-2024-9164,148,22,2024-10-27T09:19:44 @@ -2294,7 +2294,7 @@ CVE-2024-9463,27014,26,2024-11-19T03:22:43 CVE-2024-9464,176648,48,2024-11-02T22:12:51 CVE-2024-9465,27545,20,2024-10-17T02:47:47 CVE-2024-9468,107,1,2024-10-14T23:13:06 -CVE-2024-9474,194655,25,2024-12-26T12:44:08 +CVE-2024-9474,195163,27,2024-12-26T17:02:21 CVE-2024-9478,3522,1,2024-12-03T01:05:02 CVE-2024-9486,937,19,2024-11-10T02:03:45 CVE-2024-9487,6831,26,2024-11-12T05:51:59