<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the 10 most recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sat, 06 Jun 2026 08:08:17 +0000</lastBuildDate>
    <item>
      <title>ca237004-c17b-4d2e-a5fb-d1c64c851d6a</title>
      <link>https://vulnerability.circl.lu/sighting/ca237004-c17b-4d2e-a5fb-d1c64c851d6a/export</link>
      <description>{"uuid": "ca237004-c17b-4d2e-a5fb-d1c64c851d6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "seen", "source": "Telegram/V6C3WOxDbov-Mvc3FF7LxHWCN2GrvxrxFbMqJzKk7o1fcw", "content": "", "creation_timestamp": "2024-08-22T09:59:50.000000Z"}</description>
      <content:encoded>{"uuid": "ca237004-c17b-4d2e-a5fb-d1c64c851d6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "seen", "source": "Telegram/V6C3WOxDbov-Mvc3FF7LxHWCN2GrvxrxFbMqJzKk7o1fcw", "content": "", "creation_timestamp": "2024-08-22T09:59:50.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ca237004-c17b-4d2e-a5fb-d1c64c851d6a/export</guid>
      <pubDate>Thu, 22 Aug 2024 09:59:50 +0000</pubDate>
    </item>
    <item>
      <title>fcf757c7-b049-4794-a6b3-3e45c090cdef</title>
      <link>https://vulnerability.circl.lu/sighting/fcf757c7-b049-4794-a6b3-3e45c090cdef/export</link>
      <description>{"uuid": "fcf757c7-b049-4794-a6b3-3e45c090cdef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "seen", "source": "https://t.me/KomunitiSiber/2442", "content": "GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges\nhttps://thehackernews.com/2024/08/github-patches-critical-security-flaw.html\n\nGitHub has released fixes to address a set of three security flaws impacting its Enterprise Server product, including one critical bug that could be abused to gain site administrator privileges.\nThe most severe of the shortcomings has been assigned the CVE identifier CVE-2024-6800, and carries a CVSS score of 9.5.\n\"On GitHub Enterprise Server instances that use SAML single sign-on (SSO)", "creation_timestamp": "2024-08-22T10:28:22.000000Z"}</description>
      <content:encoded>{"uuid": "fcf757c7-b049-4794-a6b3-3e45c090cdef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "seen", "source": "https://t.me/KomunitiSiber/2442", "content": "GitHub Patches Critical Security Flaw in Enterprise Server Granting Admin Privileges\nhttps://thehackernews.com/2024/08/github-patches-critical-security-flaw.html\n\nGitHub has released fixes to address a set of three security flaws impacting its Enterprise Server product, including one critical bug that could be abused to gain site administrator privileges.\nThe most severe of the shortcomings has been assigned the CVE identifier CVE-2024-6800, and carries a CVSS score of 9.5.\n\"On GitHub Enterprise Server instances that use SAML single sign-on (SSO)", "creation_timestamp": "2024-08-22T10:28:22.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/fcf757c7-b049-4794-a6b3-3e45c090cdef/export</guid>
      <pubDate>Thu, 22 Aug 2024 10:28:22 +0000</pubDate>
    </item>
    <item>
      <title>ad98a299-0e9b-43a4-9ed6-241af7e2e185</title>
      <link>https://vulnerability.circl.lu/sighting/ad98a299-0e9b-43a4-9ed6-241af7e2e185/export</link>
      <description>{"uuid": "ad98a299-0e9b-43a4-9ed6-241af7e2e185", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "seen", "source": "https://t.me/xakep_ru/16290", "content": "\u0412 GitHub Enterprise Server \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 GitHub \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438 \u0441\u0440\u0430\u0437\u0443 \u0442\u0440\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 GitHub Enterprise Server \u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u0442\u0447\u0438 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435. 
\u0422\u0430\u043a, \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0435\u0440\u0441\u0438\u0439 GitHub Enterprise Server, \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\nhttps://xakep.ru/2024/08/22/cve-2024-6800/", "creation_timestamp": "2024-08-22T16:06:26.000000Z"}</description>
      <content:encoded>{"uuid": "ad98a299-0e9b-43a4-9ed6-241af7e2e185", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "seen", "source": "https://t.me/xakep_ru/16290", "content": "\u0412 GitHub Enterprise Server \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438\n\n\u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 GitHub \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b\u0438 \u0441\u0440\u0430\u0437\u0443 \u0442\u0440\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 GitHub Enterprise Server \u0438 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0443\u044e\u0442 \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u043c \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c \u0443\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u043f\u0430\u0442\u0447\u0438 \u043a\u0430\u043a \u043c\u043e\u0436\u043d\u043e \u0441\u043a\u043e\u0440\u0435\u0435. 
\u0422\u0430\u043a, \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u044e\u0449\u0430\u044f \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0435\u0440\u0441\u0438\u0439 GitHub Enterprise Server, \u043c\u043e\u0436\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0438 \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430.\n\nhttps://xakep.ru/2024/08/22/cve-2024-6800/", "creation_timestamp": "2024-08-22T16:06:26.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ad98a299-0e9b-43a4-9ed6-241af7e2e185/export</guid>
      <pubDate>Thu, 22 Aug 2024 16:06:26 +0000</pubDate>
    </item>
    <item>
      <title>509da527-3aec-4013-a967-ce6d393833b3</title>
      <link>https://vulnerability.circl.lu/sighting/509da527-3aec-4013-a967-ce6d393833b3/export</link>
      <description>{"uuid": "509da527-3aec-4013-a967-ce6d393833b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "seen", "source": "https://t.me/true_secator/6127", "content": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0435\u0440\u0441\u0438\u0439 GitHub Enterprise Server \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043d\u0430 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0435.\n\nCVE-2024-6800 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043e\u0446\u0435\u043d\u043a\u0443 9,5 \u043f\u043e \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u0443 CVSS 4.0.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u043d\u0438\u044f XML-\u0441\u0438\u0433\u043d\u0430\u0442\u0443\u0440, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c 
\u043f\u043e\u0434\u0434\u0435\u043b\u044b\u0432\u0430\u0442\u044c \u043e\u0442\u0432\u0435\u0442\u044b Security Assertion Markup Language (SAML).\n\n\u041d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0430\u0445 GitHub Enterprise Server, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e SAML \u0441 \u0435\u0434\u0438\u043d\u044b\u043c \u0432\u0445\u043e\u0434\u043e\u043c (SSO) \u0441 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u043c\u0438 IdP, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0434\u0434\u0435\u043b\u0430\u0442\u044c \u043e\u0442\u0432\u0435\u0442 SAML \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0441\u0430\u0439\u0442\u0430.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u0438\u0441\u043a\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b FOFA, \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0431\u043e\u043b\u0435\u0435 36 500 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 GHES, \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 (29 200) \u0440\u0430\u0441\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u044b \u0432 \u0421\u0428\u0410, \u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0438\u0437 
\u043d\u0438\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430 \u043d\u0435 \u044f\u0441\u043d\u043e.\n\nGitHub \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b \u044d\u0442\u0443 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 GHES 3.13.3, 3.12.8, 3.11.14 \u0438 3.10.16. \n\n\u041d\u043e\u0432\u044b\u0435 \u0432\u044b\u043f\u0443\u0441\u043a\u0438 GHES \u0442\u0430\u043a\u0436\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u0432\u0443\u0445 \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438: \n\n- CVE-2024-7711 (CVSS: 5,3): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043e\u043a, \u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u043b\u0438\u0446 \u0438 \u043c\u0435\u0442\u043a\u0438 \u043b\u044e\u0431\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u043c \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438.\n\n- CVE-2024-6337 (CVSS: 5,9): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438, 
\u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u043c\u0443 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0438\u0437 \u0437\u0430\u043a\u0440\u044b\u0442\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f GitHub.\n\n\u0412\u0441\u0435 \u0442\u0440\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u044b\u043b\u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u044b \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b GitHub Bug Bounty \u043d\u0430 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 HackerOne.\n\nGitHub \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u043b\u0443\u0436\u0431\u044b \u043c\u043e\u0433\u0443\u0442 \u0432\u044b\u0434\u0430\u0432\u0430\u0442\u044c \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u043f\u043e\u0441\u043b\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043d\u043e \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440 \u0432\u0441\u0435 \u0440\u0430\u0432\u043d\u043e \u0434\u043e\u043b\u0436\u0435\u043d \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c\u0441\u044f \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e.", 
"creation_timestamp": "2024-08-23T12:50:05.000000Z"}</description>
      <content:encoded>{"uuid": "509da527-3aec-4013-a967-ce6d393833b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "seen", "source": "https://t.me/true_secator/6127", "content": "\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u043d\u0435\u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0432\u0435\u0440\u0441\u0438\u0439 GitHub Enterprise Server \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044f \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u043f\u0440\u0430\u0432\u0430 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u043d\u0430 \u043a\u043e\u043c\u043f\u044c\u044e\u0442\u0435\u0440\u0435.\n\nCVE-2024-6800 \u043f\u043e\u043b\u0443\u0447\u0438\u043b\u0430 \u043e\u0446\u0435\u043d\u043a\u0443 9,5 \u043f\u043e \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u0443 CVSS 4.0.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u043e\u0440\u0430\u0447\u0438\u0432\u0430\u043d\u0438\u044f XML-\u0441\u0438\u0433\u043d\u0430\u0442\u0443\u0440, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c 
\u043f\u043e\u0434\u0434\u0435\u043b\u044b\u0432\u0430\u0442\u044c \u043e\u0442\u0432\u0435\u0442\u044b Security Assertion Markup Language (SAML).\n\n\u041d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u0430\u0445 GitHub Enterprise Server, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u044e SAML \u0441 \u0435\u0434\u0438\u043d\u044b\u043c \u0432\u0445\u043e\u0434\u043e\u043c (SSO) \u0441 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u043c\u0438 IdP, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0434\u0434\u0435\u043b\u0430\u0442\u044c \u043e\u0442\u0432\u0435\u0442 SAML \u0434\u043b\u044f \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u0443\u0447\u0435\u0442\u043d\u043e\u0439 \u0437\u0430\u043f\u0438\u0441\u0438 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u044f \u0441 \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u044f\u043c\u0438 \u0430\u0434\u043c\u0438\u043d\u0438\u0441\u0442\u0440\u0430\u0442\u043e\u0440\u0430 \u0441\u0430\u0439\u0442\u0430.\n\n\u041f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u043f\u043e\u0438\u0441\u043a\u043e\u0432\u043e\u0439 \u0441\u0438\u0441\u0442\u0435\u043c\u044b FOFA, \u0432 \u0418\u043d\u0442\u0435\u0440\u043d\u0435\u0442\u0435 \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e \u0431\u043e\u043b\u0435\u0435 36 500 \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440\u043e\u0432 GHES, \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0438\u0437 \u043a\u043e\u0442\u043e\u0440\u044b\u0445 (29 200) \u0440\u0430\u0441\u043f\u043e\u043b\u043e\u0436\u0435\u043d\u044b \u0432 \u0421\u0428\u0410, \u0441\u043a\u043e\u043b\u044c\u043a\u043e \u0438\u0437 
\u043d\u0438\u0445 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u0443\u044e \u0432\u0435\u0440\u0441\u0438\u044e \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430 \u043d\u0435 \u044f\u0441\u043d\u043e.\n\nGitHub \u0443\u0441\u0442\u0440\u0430\u043d\u0438\u043b \u044d\u0442\u0443 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0443 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 GHES 3.13.3, 3.12.8, 3.11.14 \u0438 3.10.16. \n\n\u041d\u043e\u0432\u044b\u0435 \u0432\u044b\u043f\u0443\u0441\u043a\u0438 GHES \u0442\u0430\u043a\u0436\u0435 \u0432\u043a\u043b\u044e\u0447\u0430\u044e\u0442 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u0432\u0443\u0445 \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0441\u0440\u0435\u0434\u043d\u0435\u0439 \u0441\u0442\u0435\u043f\u0435\u043d\u0438 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u043e\u0441\u0442\u0438: \n\n- CVE-2024-7711 (CVSS: 5,3): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u044c \u0437\u0430\u0433\u043e\u043b\u043e\u0432\u043e\u043a, \u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0435\u043d\u043d\u044b\u0445 \u043b\u0438\u0446 \u0438 \u043c\u0435\u0442\u043a\u0438 \u043b\u044e\u0431\u043e\u0439 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0432 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u043c \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438.\n\n- CVE-2024-6337 (CVSS: 5,9): \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438, 
\u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043f\u043e\u043b\u0443\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0441\u043e\u0434\u0435\u0440\u0436\u0438\u043c\u043e\u043c\u0443 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0438\u0437 \u0437\u0430\u043a\u0440\u044b\u0442\u043e\u0433\u043e \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u044f \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u044f GitHub.\n\n\u0412\u0441\u0435 \u0442\u0440\u0438 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u044b \u0431\u044b\u043b\u0438 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u043d\u044b \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u044b GitHub Bug Bounty \u043d\u0430 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0435 HackerOne.\n\nGitHub \u043f\u0440\u0435\u0434\u0443\u043f\u0440\u0435\u0436\u0434\u0430\u0435\u0442, \u0447\u0442\u043e \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u043b\u0443\u0436\u0431\u044b \u043c\u043e\u0433\u0443\u0442 \u0432\u044b\u0434\u0430\u0432\u0430\u0442\u044c \u043e\u0448\u0438\u0431\u043a\u0438 \u0432 \u043f\u0440\u043e\u0446\u0435\u0441\u0441\u0435 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438 \u043f\u043e\u0441\u043b\u0435 \u043f\u0440\u0438\u043c\u0435\u043d\u0435\u043d\u0438\u044f \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0439 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043d\u043e \u044d\u043a\u0437\u0435\u043c\u043f\u043b\u044f\u0440 \u0432\u0441\u0435 \u0440\u0430\u0432\u043d\u043e \u0434\u043e\u043b\u0436\u0435\u043d \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0442\u044c\u0441\u044f \u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e.", 
"creation_timestamp": "2024-08-23T12:50:05.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/509da527-3aec-4013-a967-ce6d393833b3/export</guid>
      <pubDate>Fri, 23 Aug 2024 12:50:05 +0000</pubDate>
    </item>
    <item>
      <title>9602ad0d-03ca-45f5-a72c-57d9833545f4</title>
      <link>https://vulnerability.circl.lu/sighting/9602ad0d-03ca-45f5-a72c-57d9833545f4/export</link>
      <description>{"uuid": "9602ad0d-03ca-45f5-a72c-57d9833545f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "seen", "source": "Telegram/1_vcacoomzYihOGFOx2KRxbErYxJjO2PUlegAUICxwpFLpXv", "content": "", "creation_timestamp": "2024-08-26T14:44:07.000000Z"}</description>
      <content:encoded>{"uuid": "9602ad0d-03ca-45f5-a72c-57d9833545f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "seen", "source": "Telegram/1_vcacoomzYihOGFOx2KRxbErYxJjO2PUlegAUICxwpFLpXv", "content": "", "creation_timestamp": "2024-08-26T14:44:07.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/9602ad0d-03ca-45f5-a72c-57d9833545f4/export</guid>
      <pubDate>Mon, 26 Aug 2024 14:44:07 +0000</pubDate>
    </item>
    <item>
      <title>28bb0187-c5ed-4c78-9672-4254dcaca27f</title>
      <link>https://vulnerability.circl.lu/sighting/28bb0187-c5ed-4c78-9672-4254dcaca27f/export</link>
      <description>{"uuid": "28bb0187-c5ed-4c78-9672-4254dcaca27f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "seen", "source": "https://t.me/cibsecurity/79242", "content": "\ud83e\udd85 The SAML Exploit That Could Take Down GitHub: What You Need to Know About CVE-2024-6800 \ud83e\udd85\n\n  Key Takeaways\u00a0    CVE20246800 is a severe security flaw discovered in GitHub Enterprise Server GHES, which could allow unauthorized access and control over sensitive systems by exploiting XML signature wrapping and forged SAML responses.\u00a0     The vulnerability impacts all GHES versions prior to 3.14, excluding versions 3.13.3, 3.12.8, 3.11.14, and 3.10.16, indicating that many installations could be at risk.\u00a0     Exploiting this vulnerability can grant attackers unauthorized access to GHES instances, enabling them to view, modify, or delete critical source code and sensitive data and potentially compromising entire supply chains.\u00a0     GHES instances are often accessible over the internet, which broadens the attack surface and increases the likelihood of exploitation, emphasizing the n...\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"CYBLE\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2024-08-26T17:20:16.000000Z"}</description>
      <content:encoded>{"uuid": "28bb0187-c5ed-4c78-9672-4254dcaca27f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "seen", "source": "https://t.me/cibsecurity/79242", "content": "\ud83e\udd85 The SAML Exploit That Could Take Down GitHub: What You Need to Know About CVE-2024-6800 \ud83e\udd85\n\n  Key Takeaways\u00a0    CVE20246800 is a severe security flaw discovered in GitHub Enterprise Server GHES, which could allow unauthorized access and control over sensitive systems by exploiting XML signature wrapping and forged SAML responses.\u00a0     The vulnerability impacts all GHES versions prior to 3.14, excluding versions 3.13.3, 3.12.8, 3.11.14, and 3.10.16, indicating that many installations could be at risk.\u00a0     Exploiting this vulnerability can grant attackers unauthorized access to GHES instances, enabling them to view, modify, or delete critical source code and sensitive data and potentially compromising entire supply chains.\u00a0     GHES instances are often accessible over the internet, which broadens the attack surface and increases the likelihood of exploitation, emphasizing the n...\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"CYBLE\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity", "creation_timestamp": "2024-08-26T17:20:16.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/28bb0187-c5ed-4c78-9672-4254dcaca27f/export</guid>
      <pubDate>Mon, 26 Aug 2024 17:20:16 +0000</pubDate>
    </item>
    <item>
      <title>5deb89b7-ac24-4fc4-bc20-004ad0f593ae</title>
      <link>https://vulnerability.circl.lu/sighting/5deb89b7-ac24-4fc4-bc20-004ad0f593ae/export</link>
      <description>{"uuid": "5deb89b7-ac24-4fc4-bc20-004ad0f593ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/669", "content": "#exploit\n1. CVE-2024-40711:\nVeeam Backup &amp;amp; Response - RCE\nhttps://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2\n\n2. CVE-2024-28000:\nLiteSpeed Cache Privilege Escalation\nhttps://github.com/Alucard0x1/CVE-2024-28000\n\n3. CVE-2024-6800:\nGHES Authentication Bypass\nhttps://cyble.com/blog/saml-exploit-github-cve-2024-6800", "creation_timestamp": "2024-09-10T10:01:29.000000Z"}</description>
      <content:encoded>{"uuid": "5deb89b7-ac24-4fc4-bc20-004ad0f593ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/669", "content": "#exploit\n1. CVE-2024-40711:\nVeeam Backup &amp;amp; Response - RCE\nhttps://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2\n\n2. CVE-2024-28000:\nLiteSpeed Cache Privilege Escalation\nhttps://github.com/Alucard0x1/CVE-2024-28000\n\n3. CVE-2024-6800:\nGHES Authentication Bypass\nhttps://cyble.com/blog/saml-exploit-github-cve-2024-6800", "creation_timestamp": "2024-09-10T10:01:29.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/5deb89b7-ac24-4fc4-bc20-004ad0f593ae/export</guid>
      <pubDate>Tue, 10 Sep 2024 10:01:29 +0000</pubDate>
    </item>
    <item>
      <title>630c3dea-cc85-491b-ae10-d58bc8d8d27a</title>
      <link>https://vulnerability.circl.lu/sighting/630c3dea-cc85-491b-ae10-d58bc8d8d27a/export</link>
      <description>{"uuid": "630c3dea-cc85-491b-ae10-d58bc8d8d27a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/3522", "content": "#exploit\n1. CVE-2024-40711:\nVeeam Backup &amp;amp; Response - RCE\nhttps://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2\n\n2. CVE-2024-28000:\nLiteSpeed Cache Privilege Escalation\nhttps://github.com/Alucard0x1/CVE-2024-28000\n\n3. CVE-2024-6800:\nGHES Authentication Bypass\nhttps://cyble.com/blog/saml-exploit-github-cve-2024-6800", "creation_timestamp": "2024-09-10T10:01:29.000000Z"}</description>
      <content:encoded>{"uuid": "630c3dea-cc85-491b-ae10-d58bc8d8d27a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/3522", "content": "#exploit\n1. CVE-2024-40711:\nVeeam Backup &amp;amp; Response - RCE\nhttps://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2\n\n2. CVE-2024-28000:\nLiteSpeed Cache Privilege Escalation\nhttps://github.com/Alucard0x1/CVE-2024-28000\n\n3. CVE-2024-6800:\nGHES Authentication Bypass\nhttps://cyble.com/blog/saml-exploit-github-cve-2024-6800", "creation_timestamp": "2024-09-10T10:01:29.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/630c3dea-cc85-491b-ae10-d58bc8d8d27a/export</guid>
      <pubDate>Tue, 10 Sep 2024 10:01:29 +0000</pubDate>
    </item>
    <item>
      <title>66c953f7-7241-4f06-a166-720334a47470</title>
      <link>https://vulnerability.circl.lu/sighting/66c953f7-7241-4f06-a166-720334a47470/export</link>
      <description>{"uuid": "66c953f7-7241-4f06-a166-720334a47470", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/311", "content": "#exploit\n1. CVE-2024-40711:\nVeeam Backup &amp;amp; Response - RCE\nhttps://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2\n\n2. CVE-2024-28000:\nLiteSpeed Cache Privilege Escalation\nhttps://github.com/Alucard0x1/CVE-2024-28000\n\n3. CVE-2024-6800:\nGHES Authentication Bypass\nhttps://cyble.com/blog/saml-exploit-github-cve-2024-6800", "creation_timestamp": "2024-09-10T14:05:36.000000Z"}</description>
      <content:encoded>{"uuid": "66c953f7-7241-4f06-a166-720334a47470", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/311", "content": "#exploit\n1. CVE-2024-40711:\nVeeam Backup &amp;amp; Response - RCE\nhttps://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2\n\n2. CVE-2024-28000:\nLiteSpeed Cache Privilege Escalation\nhttps://github.com/Alucard0x1/CVE-2024-28000\n\n3. CVE-2024-6800:\nGHES Authentication Bypass\nhttps://cyble.com/blog/saml-exploit-github-cve-2024-6800", "creation_timestamp": "2024-09-10T14:05:36.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/66c953f7-7241-4f06-a166-720334a47470/export</guid>
      <pubDate>Tue, 10 Sep 2024 14:05:36 +0000</pubDate>
    </item>
    <item>
      <title>f5e39b52-4bc5-4ff0-a692-6bdab019ec3e</title>
      <link>https://vulnerability.circl.lu/sighting/f5e39b52-4bc5-4ff0-a692-6bdab019ec3e/export</link>
      <description>{"uuid": "f5e39b52-4bc5-4ff0-a692-6bdab019ec3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11107", "content": "#exploit\n1. CVE-2024-40711:\nVeeam Backup &amp;amp; Response - RCE\nhttps://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2\n]-&amp;gt; https://github.com/watchtowrlabs/CVE-2024-40711\n\n2. CVE-2024-28000:\nLiteSpeed Cache Privilege Escalation\nhttps://github.com/Alucard0x1/CVE-2024-28000\n\n3. CVE-2024-6800:\nGHES Authentication Bypass\nhttps://cyble.com/blog/saml-exploit-github-cve-2024-6800", "creation_timestamp": "2024-09-16T18:20:15.000000Z"}</description>
      <content:encoded>{"uuid": "f5e39b52-4bc5-4ff0-a692-6bdab019ec3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6800", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11107", "content": "#exploit\n1. CVE-2024-40711:\nVeeam Backup &amp;amp; Response - RCE\nhttps://labs.watchtowr.com/veeam-backup-response-rce-with-auth-but-mostly-without-auth-cve-2024-40711-2\n]-&amp;gt; https://github.com/watchtowrlabs/CVE-2024-40711\n\n2. CVE-2024-28000:\nLiteSpeed Cache Privilege Escalation\nhttps://github.com/Alucard0x1/CVE-2024-28000\n\n3. CVE-2024-6800:\nGHES Authentication Bypass\nhttps://cyble.com/blog/saml-exploit-github-cve-2024-6800", "creation_timestamp": "2024-09-16T18:20:15.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/f5e39b52-4bc5-4ff0-a692-6bdab019ec3e/export</guid>
      <pubDate>Mon, 16 Sep 2024 18:20:15 +0000</pubDate>
    </item>
  </channel>
</rss>
