<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://db.gcve.eu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-05-30T20:35:13.096712+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@gcve.eu</email>
  </author>
  <link href="https://db.gcve.eu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the 10 most recent sightings.</subtitle>
  <entry>
    <id>https://db.gcve.eu/sighting/e474f233-717a-46e6-b7b8-e39f21817074/export</id>
    <title>e474f233-717a-46e6-b7b8-e39f21817074</title>
    <updated>2026-05-30T20:35:13.392661+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "e474f233-717a-46e6-b7b8-e39f21817074", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23511", "type": "seen", "source": "https://t.me/cibsecurity/54292", "content": "\u203c CVE-2022-23511 \u203c\n\nA privilege escalation issue exists within the Amazon CloudWatch Agent for Windows, software for collecting metrics and logs from Amazon EC2 instances and on-premises servers, in versions up to and including v1.247354. When users trigger a repair of the Agent, a pop-up window opens with SYSTEM permissions. Users with administrative access to affected hosts may use this to create a new command prompt as NT AUTHORITY\\SYSTEM. To trigger this issue, the third party must be able to access the affected host and elevate their privileges such that they\u2019re able to trigger the agent repair process. They must also be able to install the tools required to trigger the issue. This issue does not affect the CloudWatch Agent for macOS or Linux. Agent users should upgrade to version 1.247355 of the CloudWatch Agent to address this issue. There is no recommended work around. Affected users must update the installed version of the CloudWatch Agent to address this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-12T16:21:00.000000Z"}</content>
    <link href="https://db.gcve.eu/sighting/e474f233-717a-46e6-b7b8-e39f21817074/export"/>
    <published>2022-12-12T16:21:00+00:00</published>
  </entry>
  <entry>
    <id>https://db.gcve.eu/sighting/b67d0887-a153-4afa-a684-fc5b3bb26ef8/export</id>
    <title>b67d0887-a153-4afa-a684-fc5b3bb26ef8</title>
    <updated>2026-05-30T20:35:13.392559+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "b67d0887-a153-4afa-a684-fc5b3bb26ef8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23514", "type": "seen", "source": "https://t.me/cibsecurity/54506", "content": "\u203c CVE-2022-23514 \u203c\n\nLoofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah &lt; 2.19.1 contains an inefficient regular expression that is susceptible to excessive backtracking when attempting to sanitize certain SVG attributes. This may lead to a denial of service through CPU resource consumption. This issue is patched in version 2.19.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-14T16:22:48.000000Z"}</content>
    <link href="https://db.gcve.eu/sighting/b67d0887-a153-4afa-a684-fc5b3bb26ef8/export"/>
    <published>2022-12-14T16:22:48+00:00</published>
  </entry>
  <entry>
    <id>https://db.gcve.eu/sighting/0ec81313-2e11-4c4e-ae3c-23b22c8b7cee/export</id>
    <title>0ec81313-2e11-4c4e-ae3c-23b22c8b7cee</title>
    <updated>2026-05-30T20:35:13.392456+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "0ec81313-2e11-4c4e-ae3c-23b22c8b7cee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23512", "type": "seen", "source": "https://t.me/cibsecurity/54507", "content": "\u203c CVE-2022-23512 \u203c\n\nMeterSphere is a one-stop open source continuous testing platform. Versions prior to 2.4.1 are vulnerable to Path Injection in ApiTestCaseService::deleteBodyFiles which takes a user-controlled string id and passes it to ApiTestCaseService, which uses the user-provided value (testId) in new File(BODY_FILE_DIR + \"/\" + testId), being deleted later by file.delete(). By adding some camouflage parameters to the url, an attacker can target files on the server. The vulnerability has been fixed in v2.4.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-14T16:27:30.000000Z"}</content>
    <link href="https://db.gcve.eu/sighting/0ec81313-2e11-4c4e-ae3c-23b22c8b7cee/export"/>
    <published>2022-12-14T16:27:30+00:00</published>
  </entry>
  <entry>
    <id>https://db.gcve.eu/sighting/3b196061-68f7-4702-bb76-232aaa8f920e/export</id>
    <title>3b196061-68f7-4702-bb76-232aaa8f920e</title>
    <updated>2026-05-30T20:35:13.392352+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "3b196061-68f7-4702-bb76-232aaa8f920e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23515", "type": "seen", "source": "https://t.me/cibsecurity/54508", "content": "\u203c CVE-2022-23515 \u203c\n\nLoofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah &gt;= 2.1.0, &lt; 2.19.1 is vulnerable to cross-site scripting via the image/svg+xml media type in data URIs. This issue is patched in version 2.19.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-14T16:27:31.000000Z"}</content>
    <link href="https://db.gcve.eu/sighting/3b196061-68f7-4702-bb76-232aaa8f920e/export"/>
    <published>2022-12-14T16:27:31+00:00</published>
  </entry>
  <entry>
    <id>https://db.gcve.eu/sighting/3d214447-0927-489e-8614-c8873ed5ba03/export</id>
    <title>3d214447-0927-489e-8614-c8873ed5ba03</title>
    <updated>2026-05-30T20:35:13.392241+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "3d214447-0927-489e-8614-c8873ed5ba03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23516", "type": "seen", "source": "https://t.me/cibsecurity/54509", "content": "\u203c CVE-2022-23516 \u203c\n\nLoofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah &gt;= 2.2.0, &lt; 2.19.1 uses recursion for sanitizing CDATA sections, making it susceptible to stack exhaustion and raising a SystemStackError exception. This may lead to a denial of service through CPU resource consumption. This issue is patched in version 2.19.1. Users who are unable to upgrade may be able to mitigate this vulnerability by limiting the length of the strings that are sanitized.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-14T16:27:32.000000Z"}</content>
    <link href="https://db.gcve.eu/sighting/3d214447-0927-489e-8614-c8873ed5ba03/export"/>
    <published>2022-12-14T16:27:32+00:00</published>
  </entry>
  <entry>
    <id>https://db.gcve.eu/sighting/c9f239a6-8137-4866-b719-c374d3056e74/export</id>
    <title>c9f239a6-8137-4866-b719-c374d3056e74</title>
    <updated>2026-05-30T20:35:13.392105+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "c9f239a6-8137-4866-b719-c374d3056e74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23519", "type": "seen", "source": "https://t.me/cibsecurity/54528", "content": "\u203c CVE-2022-23519 \u203c\n\nrails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags in either of the following ways: allow both \"math\" and \"style\" elements, or allow both \"svg\" and \"style\" elements. Code is only impacted if allowed tags are being overridden. This issue is fixed in version 1.4.4. All users overriding the allowed tags to include \"math\" or \"svg\" and \"style\" should either upgrade or use the following workaround immediately: Remove \"style\" from the overridden allowed tags, or remove \"math\" and \"svg\" from the overridden allowed tags.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-14T20:23:01.000000Z"}</content>
    <link href="https://db.gcve.eu/sighting/c9f239a6-8137-4866-b719-c374d3056e74/export"/>
    <published>2022-12-14T20:23:01+00:00</published>
  </entry>
  <entry>
    <id>https://db.gcve.eu/sighting/b63776bc-9d53-409c-bf9f-961241173e41/export</id>
    <title>b63776bc-9d53-409c-bf9f-961241173e41</title>
    <updated>2026-05-30T20:35:13.391995+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "b63776bc-9d53-409c-bf9f-961241173e41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23518", "type": "seen", "source": "https://t.me/cibsecurity/54540", "content": "\u203c CVE-2022-23518 \u203c\n\nrails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Versions &gt;= 1.0.3, &lt; 1.4.4 are vulnerable to cross-site scripting via data URIs when used in combination with Loofah &gt;= 2.1.0. This issue is patched in version 1.4.4.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-14T20:23:16.000000Z"}</content>
    <link href="https://db.gcve.eu/sighting/b63776bc-9d53-409c-bf9f-961241173e41/export"/>
    <published>2022-12-14T20:23:16+00:00</published>
  </entry>
  <entry>
    <id>https://db.gcve.eu/sighting/d35bd163-386f-44ee-b5a7-917fb3201f8b/export</id>
    <title>d35bd163-386f-44ee-b5a7-917fb3201f8b</title>
    <updated>2026-05-30T20:35:13.391867+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "d35bd163-386f-44ee-b5a7-917fb3201f8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23513", "type": "seen", "source": "https://t.me/cibsecurity/55221", "content": "\u203c CVE-2022-23513 \u203c\n\nPi-Hole is a network-wide ad blocking via your own Linux hardware, AdminLTE is a Pi-hole Dashboard for stats and more. In case of an attack, the threat actor will obtain the ability to perform an unauthorized query for blocked domains on `queryads` endpoint. In the case of application, this vulnerability exists because of a lack of validation in code on a root server path: `/admin/scripts/pi-hole/phpqueryads.php.` Potential threat actor(s) are able to perform an unauthorized query search in blocked domain lists. This could lead to the disclosure for any victims' personal blacklists.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-23T02:14:06.000000Z"}</content>
    <link href="https://db.gcve.eu/sighting/d35bd163-386f-44ee-b5a7-917fb3201f8b/export"/>
    <published>2022-12-23T02:14:06+00:00</published>
  </entry>
  <entry>
    <id>https://db.gcve.eu/sighting/04c1179d-4c75-4c08-8931-d9d207ea33d2/export</id>
    <title>04c1179d-4c75-4c08-8931-d9d207ea33d2</title>
    <updated>2026-05-30T20:35:13.391716+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "04c1179d-4c75-4c08-8931-d9d207ea33d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23519", "type": "seen", "source": "https://t.me/ctinow/84953", "content": "Internet Bug Bounty: CVE-2022-23519: Rails::Html::SafeListSanitizer vulnerable to XSS when certain tags are allowed (math+style || svg+style)\n\nhttps://ift.tt/hTYyvPm", "creation_timestamp": "2023-01-04T23:16:26.000000Z"}</content>
    <link href="https://db.gcve.eu/sighting/04c1179d-4c75-4c08-8931-d9d207ea33d2/export"/>
    <published>2023-01-04T23:16:26+00:00</published>
  </entry>
  <entry>
    <id>https://db.gcve.eu/sighting/d5162901-0c1d-4139-aaf7-89fce6f1bdad/export</id>
    <title>d5162901-0c1d-4139-aaf7-89fce6f1bdad</title>
    <updated>2026-05-30T20:35:13.389715+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "d5162901-0c1d-4139-aaf7-89fce6f1bdad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23512", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12751", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-23512\n\ud83d\udd25 CVSS Score: 7.7 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N)\n\ud83d\udd39 Description: MeterSphere is a one-stop open source continuous testing platform. Versions prior to 2.4.1 are vulnerable to Path Injection in ApiTestCaseService::deleteBodyFiles which takes a user-controlled string id and passes it to ApiTestCaseService, which uses the user-provided value (testId) in new File(BODY_FILE_DIR + \"/\" + testId), being deleted later by file.delete(). By adding some camouflage parameters to the url, an attacker can target files on the server. The vulnerability has been fixed in v2.4.1.\n\ud83d\udccf Published: 2022-12-14T13:09:36.800Z\n\ud83d\udccf Modified: 2025-04-21T19:20:37.099Z\n\ud83d\udd17 References:\n1. https://github.com/metersphere/metersphere/security/advisories/GHSA-5mwp-xw7p-5j27", "creation_timestamp": "2025-04-21T20:03:23.000000Z"}</content>
    <link href="https://db.gcve.eu/sighting/d5162901-0c1d-4139-aaf7-89fce6f1bdad/export"/>
    <published>2025-04-21T20:03:23+00:00</published>
  </entry>
</feed>
