Most recent sightings.

https://db.gcve.eu/sightings/feed Most recent sightings. 2026-05-22T21:19:45.058625+00:00 Vulnerability-Lookup info@gcve.eu python-feedgen Contains only the most 10 recent sightings. https://db.gcve.eu/sighting/455da2d1-5959-429b-a5b3-06759c052519/export 455da2d1-5959-429b-a5b3-06759c052519 2026-05-22T21:19:45.507172+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "455da2d1-5959-429b-a5b3-06759c052519", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48252", "type": "seen", "source": "https://t.me/cibsecurity/56323", "content": "\u203c CVE-2022-48252 \u203c\n\nThe jokob-sk/Pi.Alert fork (before 22.12.20) of Pi.Alert allows Remote Code Execution via nmap_scan.php (scan parameter) OS Command Injection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-11T07:28:57.000000Z"} 2023-01-11T07:28:57+00:00 https://db.gcve.eu/sighting/1598f820-b7dd-4cea-9aa5-42020afcb546/export 1598f820-b7dd-4cea-9aa5-42020afcb546 2026-05-22T21:19:45.507104+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "1598f820-b7dd-4cea-9aa5-42020afcb546", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48253", "type": "seen", "source": "https://t.me/cibsecurity/56334", "content": "\u203c CVE-2022-48253 \u203c\n\nnhttpd in Nostromo before 2.1 is vulnerable to a path traversal that may allow an attacker to execute arbitrary commands on the remote server. The vulnerability occurs when the homedirs option is used.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-11T07:29:13.000000Z"} 2023-01-11T07:29:13+00:00 https://db.gcve.eu/sighting/1edabd81-4371-4d60-9099-849f8a48c13d/export 1edabd81-4371-4d60-9099-849f8a48c13d 2026-05-22T21:19:45.507036+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "1edabd81-4371-4d60-9099-849f8a48c13d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48258", "type": "seen", "source": "https://t.me/cibsecurity/56473", "content": "\u203c CVE-2022-48258 \u203c\n\nIn Eternal Terminal 6.2.1, etserver and etclient have world-readable logfiles.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-13T07:31:02.000000Z"} 2023-01-13T07:31:02+00:00 https://db.gcve.eu/sighting/5f646a3b-8de2-4ffb-abf7-b8ac2f313ace/export 5f646a3b-8de2-4ffb-abf7-b8ac2f313ace 2026-05-22T21:19:45.506962+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "5f646a3b-8de2-4ffb-abf7-b8ac2f313ace", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48256", "type": "seen", "source": "https://t.me/cibsecurity/56477", "content": "\u203c CVE-2022-48256 \u203c\n\nTechnitium DNS Server before 10.0 allows a self-CNAME denial-of-service attack in which a CNAME loop causes an answer to contain hundreds of records.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-13T07:31:06.000000Z"} 2023-01-13T07:31:06+00:00 https://db.gcve.eu/sighting/4235e0b3-48dd-4de7-b227-a6d833b4e949/export 4235e0b3-48dd-4de7-b227-a6d833b4e949 2026-05-22T21:19:45.506878+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "4235e0b3-48dd-4de7-b227-a6d833b4e949", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4825", "type": "seen", "source": "https://t.me/cibsecurity/57581", "content": "\u203c CVE-2022-4825 \u203c\n\nThe WP-ShowHide WordPress plugin before 1.05 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-06T22:23:33.000000Z"} 2023-02-06T22:23:33+00:00 https://db.gcve.eu/sighting/0b0946a2-e5c7-49f1-9a45-1c5d6e2b53bb/export 0b0946a2-e5c7-49f1-9a45-1c5d6e2b53bb 2026-05-22T21:19:45.506810+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "0b0946a2-e5c7-49f1-9a45-1c5d6e2b53bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48259", "type": "seen", "source": "https://t.me/cibsecurity/59036", "content": "\u203c CVE-2022-48259 \u203c\n\nThere is a system command injection vulnerability in BiSheng-WNM FW 3.0.0.325. Successful exploitation could allow attackers to gain higher privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-27T20:41:14.000000Z"} 2023-02-27T20:41:14+00:00 https://db.gcve.eu/sighting/302d7ef5-5155-422f-8905-498165960486/export 302d7ef5-5155-422f-8905-498165960486 2026-05-22T21:19:45.506734+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "302d7ef5-5155-422f-8905-498165960486", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48250", "type": "seen", "source": "https://t.me/cibsecurity/63553", "content": "\u203c CVE-2022-48250 \u203c\n\nIn audio service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T07:43:06.000000Z"} 2023-05-09T07:43:06+00:00 https://db.gcve.eu/sighting/bebdcd5d-3cd6-418a-92b0-8da0d9a6183d/export bebdcd5d-3cd6-418a-92b0-8da0d9a6183d 2026-05-22T21:19:45.506654+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "bebdcd5d-3cd6-418a-92b0-8da0d9a6183d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4825", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8785", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4825\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The WP-ShowHide WordPress plugin before 1.05 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.\n\ud83d\udccf Published: 2023-02-06T19:59:18.188Z\n\ud83d\udccf Modified: 2025-03-25T20:40:01.173Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/a2758983-d3a7-4718-b5b8-30169df6780a", "creation_timestamp": "2025-03-25T21:25:38.000000Z"} 2025-03-25T21:25:38+00:00 https://db.gcve.eu/sighting/49a10eda-a1d2-4784-b2ab-e30213e92f5b/export 49a10eda-a1d2-4784-b2ab-e30213e92f5b 2026-05-22T21:19:45.506558+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "49a10eda-a1d2-4784-b2ab-e30213e92f5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48256", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10717", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-48256\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Technitium DNS Server before 10.0 allows a self-CNAME denial-of-service attack in which a CNAME loop causes an answer to contain hundreds of records.\n\ud83d\udccf Published: 2023-01-13T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-07T15:40:46.877Z\n\ud83d\udd17 References:\n1. https://github.com/TechnitiumSoftware/DnsServer/blob/master/CHANGELOG.md#version-100", "creation_timestamp": "2025-04-07T15:45:16.000000Z"} 2025-04-07T15:45:16+00:00 https://db.gcve.eu/sighting/3e2366a5-8175-49ac-bfe1-6cdc23144e96/export 3e2366a5-8175-49ac-bfe1-6cdc23144e96 2026-05-22T21:19:45.504858+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "3e2366a5-8175-49ac-bfe1-6cdc23144e96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48258", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10723", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-48258\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In Eternal Terminal 6.2.1, etserver and etclient have world-readable logfiles.\n\ud83d\udccf Published: 2023-01-13T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-07T15:38:53.064Z\n\ud83d\udd17 References:\n1. https://github.com/MisterTea/EternalTerminal/issues/555\n2. https://github.com/MisterTea/EternalTerminal/pull/556\n3. http://www.openwall.com/lists/oss-security/2023/02/16/1\n4. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/U6MO4FSKYNSAJVUXYP7LRY7ARUIGKBFL/\n5. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2RY6PKBU73I45L6YWNYCUK2XBEXEFX7L/\n6. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/NYODHZECXYFC2BNODZPZXZAXOKGMCYAP/", "creation_timestamp": "2025-04-07T15:45:25.000000Z"} 2025-04-07T15:45:25+00:00