https://db.gcve.eu/sightings/feed 2026-05-09T05:46:47.071770+00:00 Vulnerability-Lookup info@gcve.eu python-feedgen Contains only the most 10 recent sightings. https://db.gcve.eu/sighting/3edf9991-48d6-49fb-a309-d0cc8f52a573/export 2026-05-09T05:46:47.435431+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "3edf9991-48d6-49fb-a309-d0cc8f52a573", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-24568", "type": "seen", "source": "https://t.me/cibsecurity/28287", "content": "\u203c CVE-2021-24568 \u203c\n\nThe AddToAny Share Buttons WordPress plugin before 1.7.46 does not sanitise its Sharing Header setting when outputting it in frontend pages, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-06T14:40:53.000000Z"} 2021-09-06T14:40:53+00:00 https://db.gcve.eu/sighting/f0d4d173-d5c2-48bd-bd64-e2dc1fb745e9/export 2026-05-09T05:46:47.435378+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "f0d4d173-d5c2-48bd-bd64-e2dc1fb745e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-2456", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/540", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-2456\nURL\uff1ahttps://github.com/peterjson31337/CVE-2021-2456", "creation_timestamp": "2021-09-16T09:43:53.000000Z"} 2021-09-16T09:43:53+00:00 https://db.gcve.eu/sighting/4e70a8b1-94a8-4977-b2c4-886ab8457cc7/export 2026-05-09T05:46:47.435308+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "4e70a8b1-94a8-4977-b2c4-886ab8457cc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-2456", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/186", "content": "Latest Vulnerabilities and Exploits\n\nCVE-2021-3449 OpenSSL denial-of-service exploit\nhttps://github.com/terorie/cve-2021-3449\n\nProxyToken\nhttps://github.com/bhdresh/CVE-2021-33766-ProxyToken\n\nCVES Xstream-1.4.17\nhttps://github.com/zwjjustdoit/Xstream-1.4.17\n\nCVE-2021-36934/HiveNightmare/SeriousSAM\nhttps://github.com/cube0x0/CVE-2021-36934\n\nHow to exploit a vulnerable windows driver Exploit for AsrDrv104 sys\nhttps://github.com/stong/CVE-2020-15368\n\nCVE-2021-32537: an out-of-bounds memory access that leads to pool corruption in the Windows kernel\nhttps://github.com/0vercl0k/CVE-2021-32537\n\nCVE-2021-28476 a guest-to-host \"Hyper-V Remote Code Execution Vulnerability\" in vmswitch sys\nhttps://github.com/0vercl0k/CVE-2021-28476\n\nCVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit\nhttps://github.com/klezVirus/CVE-2021-40444\n\nExploit Accsess network clients by sending packets in wirless TP-LINK and preparing for a mitm attack\nhttps://github.com/lhashashinl/CVE-2021-37152\n\nProof on Concept Exploit for CVE-2021-38647 (OMIGOD)\nhttps://github.com/horizon3ai/CVE-2021-38647\n\nProof of Concept Exploit for vCenter CVE-2021-21972\nhttps://github.com/horizon3ai/CVE-2021-21972\n\nProof-of-Concept (PoC) script to exploit Pulse Secure CVE-2021-22893\nhttps://github.com/ZephrFish/CVE-2021-22893\n\nCVE-2021-33766 (ProxyToken)\nhttps://github.com/demossl/CVE-2021-33766-ProxyToken\n\nCVE-2021-2456\nhttps://github.com/peterjson31337/CVE-2021-2456\n\nCVE-2021-38647 POC for RCE\nhttps://github.com/midoxnet/CVE-2021-38647\n\nCVE-2021-26084 (PoC) | Confluence Server Webwork OGNL injection\nhttps://github.com/alt3kx/CVE-2021-26084_PoC\nhttps://github.com/r0ckysec/CVE-2021-26084_Confluence\nhttps://github.com/march0s1as/CVE-2021-26084\n\n\nCVE-2021-21551 Dell Driver EoP\nhttps://github.com/ihack4falafel/Dell-Driver-EoP-CVE-2021-21551\n\nA basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability)\nhttps://github.com/lntrx/CVE-2021-28663\n\nCVE-2021-40353 openSIS 8.0 SQL Injection\nhttps://github.com/5qu1n7/CVE-2021-40353\n\nCVE-2021-28476 Ubuntu 20.04\nhttps://github.com/sh4m2hwz/CVE-2021-28476-tools-env\n\nmy exp for chrome V8 CVE-2021-30551\nhttps://github.com/xmzyshypnc/CVE-2021-30551\n\nPOC of CVE-2021-2394\nhttps://github.com/lz2y/CVE-2021-2394\n\nWordPress Backup Guard Authenticated Remote Code Execution Exploit\nhttps://github.com/0dayNinja/CVE-2021-24155.rb\n\nExploit code for CVE-2021-33909,Just a dump of removed\nhttps://github.com/bbinfosec43/CVE-2021-33909", "creation_timestamp": "2021-09-18T23:06:09.000000Z"} 2021-09-18T23:06:09+00:00 https://db.gcve.eu/sighting/2fc726b4-7334-4b0e-8c45-89ccd5c1cf5a/export 2026-05-09T05:46:47.435242+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "2fc726b4-7334-4b0e-8c45-89ccd5c1cf5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-2456", "type": "published-proof-of-concept", "source": "https://t.me/cyber0iq/18", "content": "Latest Vulnerabilities and Exploits\n\nCVE-2021-3449 OpenSSL denial-of-service exploit\nhttps://github.com/terorie/cve-2021-3449\n\nProxyToken\nhttps://github.com/bhdresh/CVE-2021-33766-ProxyToken\n\nCVES Xstream-1.4.17\nhttps://github.com/zwjjustdoit/Xstream-1.4.17\n\nCVE-2021-36934/HiveNightmare/SeriousSAM\nhttps://github.com/cube0x0/CVE-2021-36934\n\nHow to exploit a vulnerable windows driver Exploit for AsrDrv104 sys\nhttps://github.com/stong/CVE-2020-15368\n\nCVE-2021-32537: an out-of-bounds memory access that leads to pool corruption in the Windows kernel\nhttps://github.com/0vercl0k/CVE-2021-32537\n\nCVE-2021-28476 a guest-to-host \"Hyper-V Remote Code Execution Vulnerability\" in vmswitch sys\nhttps://github.com/0vercl0k/CVE-2021-28476\n\nCVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit\nhttps://github.com/klezVirus/CVE-2021-40444\n\nExploit Accsess network clients by sending packets in wirless TP-LINK and preparing for a mitm attack\nhttps://github.com/lhashashinl/CVE-2021-37152\n\nProof on Concept Exploit for CVE-2021-38647 (OMIGOD)\nhttps://github.com/horizon3ai/CVE-2021-38647\n\nProof of Concept Exploit for vCenter CVE-2021-21972\nhttps://github.com/horizon3ai/CVE-2021-21972\n\nProof-of-Concept (PoC) script to exploit Pulse Secure CVE-2021-22893\nhttps://github.com/ZephrFish/CVE-2021-22893\n\nCVE-2021-33766 (ProxyToken)\nhttps://github.com/demossl/CVE-2021-33766-ProxyToken\n\nCVE-2021-2456\nhttps://github.com/peterjson31337/CVE-2021-2456\n\nCVE-2021-38647 POC for RCE\nhttps://github.com/midoxnet/CVE-2021-38647\n\nCVE-2021-26084 (PoC) | Confluence Server Webwork OGNL injection\nhttps://github.com/alt3kx/CVE-2021-26084_PoC\nhttps://github.com/r0ckysec/CVE-2021-26084_Confluence\nhttps://github.com/march0s1as/CVE-2021-26084\n\n\nCVE-2021-21551 Dell Driver EoP\nhttps://github.com/ihack4falafel/Dell-Driver-EoP-CVE-2021-21551\n\nA basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability)\nhttps://github.com/lntrx/CVE-2021-28663\n\nCVE-2021-40353 openSIS 8.0 SQL Injection\nhttps://github.com/5qu1n7/CVE-2021-40353\n\nCVE-2021-28476 Ubuntu 20.04\nhttps://github.com/sh4m2hwz/CVE-2021-28476-tools-env\n\nmy exp for chrome V8 CVE-2021-30551\nhttps://github.com/xmzyshypnc/CVE-2021-30551\n\nPOC of CVE-2021-2394\nhttps://github.com/lz2y/CVE-2021-2394\n\nWordPress Backup Guard Authenticated Remote Code Execution Exploit\nhttps://github.com/0dayNinja/CVE-2021-24155.rb\n\nExploit code for CVE-2021-33909,Just a dump of removed\nhttps://github.com/bbinfosec43/CVE-2021-33909", "creation_timestamp": "2021-09-25T02:14:31.000000Z"} 2021-09-25T02:14:31+00:00 https://db.gcve.eu/sighting/320c6bd3-85a4-4f33-9a5c-c7cd4319049d/export 2026-05-09T05:46:47.435166+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "320c6bd3-85a4-4f33-9a5c-c7cd4319049d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-2456", "type": "published-proof-of-concept", "source": "https://t.me/cyber0iq/19", "content": "Latest Vulnerabilities and Exploits\n\nCVE-2021-3449 OpenSSL denial-of-service exploit\nhttps://github.com/terorie/cve-2021-3449\n\nProxyToken\nhttps://github.com/bhdresh/CVE-2021-33766-ProxyToken\n\nCVES Xstream-1.4.17\nhttps://github.com/zwjjustdoit/Xstream-1.4.17\n\nCVE-2021-36934/HiveNightmare/SeriousSAM\nhttps://github.com/cube0x0/CVE-2021-36934\n\nHow to exploit a vulnerable windows driver Exploit for AsrDrv104 sys\nhttps://github.com/stong/CVE-2020-15368\n\nCVE-2021-32537: an out-of-bounds memory access that leads to pool corruption in the Windows kernel\nhttps://github.com/0vercl0k/CVE-2021-32537\n\nCVE-2021-28476 a guest-to-host \"Hyper-V Remote Code Execution Vulnerability\" in vmswitch sys\nhttps://github.com/0vercl0k/CVE-2021-28476\n\nCVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit\nhttps://github.com/klezVirus/CVE-2021-40444\n\nExploit Accsess network clients by sending packets in wirless TP-LINK and preparing for a mitm attack\nhttps://github.com/lhashashinl/CVE-2021-37152\n\nProof on Concept Exploit for CVE-2021-38647 (OMIGOD)\nhttps://github.com/horizon3ai/CVE-2021-38647\n\nProof of Concept Exploit for vCenter CVE-2021-21972\nhttps://github.com/horizon3ai/CVE-2021-21972\n\nProof-of-Concept (PoC) script to exploit Pulse Secure CVE-2021-22893\nhttps://github.com/ZephrFish/CVE-2021-22893\n\nCVE-2021-33766 (ProxyToken)\nhttps://github.com/demossl/CVE-2021-33766-ProxyToken\n\nCVE-2021-2456\nhttps://github.com/peterjson31337/CVE-2021-2456\n\nCVE-2021-38647 POC for RCE\nhttps://github.com/midoxnet/CVE-2021-38647\n\nCVE-2021-26084 (PoC) | Confluence Server Webwork OGNL injection\nhttps://github.com/alt3kx/CVE-2021-26084_PoC\nhttps://github.com/r0ckysec/CVE-2021-26084_Confluence\nhttps://github.com/march0s1as/CVE-2021-26084\n\n\nCVE-2021-21551 Dell Driver EoP\nhttps://github.com/ihack4falafel/Dell-Driver-EoP-CVE-2021-21551\n\nA basic PoC leak for CVE-2021-28663 (Internal of the Android kernel backdoor vulnerability)\nhttps://github.com/lntrx/CVE-2021-28663\n\nCVE-2021-40353 openSIS 8.0 SQL Injection\nhttps://github.com/5qu1n7/CVE-2021-40353\n\nCVE-2021-28476 Ubuntu 20.04\nhttps://github.com/sh4m2hwz/CVE-2021-28476-tools-env\n\nmy exp for chrome V8 CVE-2021-30551\nhttps://github.com/xmzyshypnc/CVE-2021-30551\n\nPOC of CVE-2021-2394\nhttps://github.com/lz2y/CVE-2021-2394\n\nWordPress Backup Guard Authenticated Remote Code Execution Exploit\nhttps://github.com/0dayNinja/CVE-2021-24155.rb\n\nExploit code for CVE-2021-33909,Just a dump of removed\nhttps://github.com/bbinfosec43/CVE-2021-33909", "creation_timestamp": "2021-09-25T02:15:23.000000Z"} 2021-09-25T02:15:23+00:00 https://db.gcve.eu/sighting/5323c39c-9bd7-42b7-bceb-6f7bdaed8981/export 2026-05-09T05:46:47.435094+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "5323c39c-9bd7-42b7-bceb-6f7bdaed8981", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-24563", "type": "seen", "source": "https://t.me/cibsecurity/30309", "content": "\u203c CVE-2021-24563 \u203c\n\nThe Frontend Uploader WordPress plugin through 1.3.2 does not prevent HTML files from being uploaded via its form, allowing unauthenticated user to upload a malicious HTML file containing JavaScript for example, which will be triggered when someone access the file directly\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-11T14:24:21.000000Z"} 2021-10-11T14:24:21+00:00 https://db.gcve.eu/sighting/721a05ab-2f88-41fe-a936-c45024ce4424/export 2026-05-09T05:46:47.435036+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "721a05ab-2f88-41fe-a936-c45024ce4424", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-24566", "type": "seen", "source": "https://t.me/ctinow/172385", "content": "https://ift.tt/TXyp03s\nCVE-2021-24566 Exploit", "creation_timestamp": "2024-01-23T23:16:28.000000Z"} 2024-01-23T23:16:28+00:00 https://db.gcve.eu/sighting/1f821a97-09bd-49af-ad95-3b1480cd37af/export 2026-05-09T05:46:47.434966+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "1f821a97-09bd-49af-ad95-3b1480cd37af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-24567", "type": "seen", "source": "https://t.me/ctinow/179983", "content": "https://ift.tt/erPzFRt\nCVE-2021-24567 | Simple Post Plugin up to 1.1 on WordPress Text cross site scripting", "creation_timestamp": "2024-02-06T13:46:59.000000Z"} 2024-02-06T13:46:59+00:00 https://db.gcve.eu/sighting/93de315b-49c8-4628-aaee-b469410ddf61/export 2026-05-09T05:46:47.434877+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "93de315b-49c8-4628-aaee-b469410ddf61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-24566", "type": "seen", "source": "https://t.me/ctinow/180002", "content": "https://ift.tt/C1sgonx\nCVE-2021-24566 | WooCommerce Currency Switcher FOX Plugin up to 1.3.6 on WordPress Shortcode path traversal", "creation_timestamp": "2024-02-06T14:16:46.000000Z"} 2024-02-06T14:16:46+00:00 https://db.gcve.eu/sighting/8627bffc-4755-46de-9691-c2981d9646c0/export 2026-05-09T05:46:47.433693+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "8627bffc-4755-46de-9691-c2981d9646c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-24566", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/18096", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-24566\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The WooCommerce Currency Switcher FOX WordPress plugin before 1.3.7 was vulnerable to LFI attacks via the \"woocs\" shortcode.\n\ud83d\udccf Published: 2024-01-16T15:48:44.185Z\n\ud83d\udccf Modified: 2025-06-11T17:11:16.128Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/a0bc4b13-53fe-462d-8306-8915196d3a5a/\n2. https://jetpack.com/2021/07/22/severe-vulnerability-patched-in-woocommerce-currency-switcher/", "creation_timestamp": "2025-06-11T17:34:24.000000Z"} 2025-06-11T17:34:24+00:00