https://db.gcve.eu/sightings/feed 2026-05-26T02:35:54.726048+00:00 Vulnerability-Lookup info@gcve.eu python-feedgen Contains only the most 10 recent sightings. https://db.gcve.eu/sighting/a3eaeef6-e4ba-447c-b378-cb1855ec0ea6/export 2026-05-26T02:35:55.067285+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "a3eaeef6-e4ba-447c-b378-cb1855ec0ea6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28398", "type": "seen", "source": "https://t.me/cibsecurity/60953", "content": "\u203c CVE-2023-28398 \u203c\n\nOsprey Pump Controller version 1.01 could allow an unauthenticated user to create an account and bypass authentication, thereby gaining unauthorized access to the system. A threat actor could exploit this vulnerability to create a user account without providing valid credentials. A threat actor who successfully exploits this vulnerability could gain access to the pump controller and cause disruption in operation, modify data, or shut down the controller.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-29T00:45:55.000000Z"} 2023-03-29T00:45:55+00:00 https://db.gcve.eu/sighting/5b0e2c87-5082-4439-950a-4b30072ba58b/export 2026-05-26T02:35:55.067208+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "5b0e2c87-5082-4439-950a-4b30072ba58b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2839", "type": "seen", "source": "https://t.me/cibsecurity/64562", "content": "\u203c CVE-2023-2839 \u203c\n\nDivide By Zero in GitHub repository gpac/gpac prior to 2.2.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-22T22:24:52.000000Z"} 2023-05-22T22:24:52+00:00 https://db.gcve.eu/sighting/240cbbfc-897a-4476-be51-05fcdf98abbc/export 2026-05-26T02:35:55.067124+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "240cbbfc-897a-4476-be51-05fcdf98abbc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28394", "type": "seen", "source": "https://t.me/cibsecurity/64607", "content": "\u203c CVE-2023-28394 \u203c\n\nBeekeeper Studio versions prior to 3.9.9 allows a remote authenticated attacker to execute arbitrary JavaScript code with the privilege of the application on the PC where the affected product is installed. As a result, an arbitrary OS command may be executed as well.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-23T07:25:27.000000Z"} 2023-05-23T07:25:27+00:00 https://db.gcve.eu/sighting/765d7909-da76-4bb8-a420-391512432b54/export 2026-05-26T02:35:55.067046+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "765d7909-da76-4bb8-a420-391512432b54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28396", "type": "seen", "source": "https://t.me/ctinow/201203", "content": "https://ift.tt/1Ocf4UH\nCVE-2023-28396 | Intel Thunderbol Controllers denial of service (intel-sa-00895)", "creation_timestamp": "2024-03-06T11:11:58.000000Z"} 2024-03-06T11:11:58+00:00 https://db.gcve.eu/sighting/44dede26-c970-4968-bcb5-a6939fc15808/export 2026-05-26T02:35:55.066960+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "44dede26-c970-4968-bcb5-a6939fc15808", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28399", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1074", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28399\n\ud83d\udd39 Description: Incorrect permission assignment for critical resource exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. ACL (Access Control List) is not appropriately set to the local folder where the affected product is installed, therefore a wide range of privileges is permitted to a user of the PC where the affected product is installed. As a result, the user may be able to destroy the system and/or execute a malicious program.\n\ud83d\udccf Published: 2023-06-01T00:00:00\n\ud83d\udccf Modified: 2025-01-09T20:53:21.940Z\n\ud83d\udd17 References:\n1. https://www.contec.com/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_chs_230531_en.pdf\n2. https://www.contec.com/jp/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_chs_230531_jp.pdf\n3. https://jvn.jp/en/vu/JVNVU93372935/", "creation_timestamp": "2025-01-09T21:15:43.000000Z"} 2025-01-09T21:15:43+00:00 https://db.gcve.eu/sighting/069f7703-9a17-441b-afaf-29a54674029b/export 2026-05-26T02:35:55.066870+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "069f7703-9a17-441b-afaf-29a54674029b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28394", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2192", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28394\n\ud83d\udd39 Description: Beekeeper Studio versions prior to 3.9.9 allows a remote authenticated attacker to execute arbitrary JavaScript code with the privilege of the application on the PC where the affected product is installed. As a result, an arbitrary OS command may be executed as well.\n\ud83d\udccf Published: 2023-05-23T00:00:00\n\ud83d\udccf Modified: 2025-01-17T18:22:57.938Z\n\ud83d\udd17 References:\n1. https://www.beekeeperstudio.io/\n2. https://github.com/beekeeper-studio/beekeeper-studio\n3. https://jvn.jp/en/jp/JVN11705010/", "creation_timestamp": "2025-01-17T18:57:04.000000Z"} 2025-01-17T18:57:04+00:00 https://db.gcve.eu/sighting/9b98a5cf-b1a8-449a-891d-0564198f10a3/export 2026-05-26T02:35:55.066741+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "9b98a5cf-b1a8-449a-891d-0564198f10a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28392", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2193", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28392\n\ud83d\udd39 Description: Wi-Fi AP UNIT AC-PD-WAPU v1.05_B04 and earlier, AC-PD-WAPUM v1.05_B04 and earlier, AC-PD-WAPU-P v1.05_B04P and earlier, AC-PD-WAPUM-P v1.05_B04P and earlier, AC-WAPU-300 v1.00_B07 and earlier, AC-WAPU-300-P v1.00_B08P and earlier, AC-WAPUM-300 v1.00_B07 and earlier, and AC-WAPUM-300-P v1.00_B08P and earlier allow an authenticated user with an administrative privilege to execute an arbitrary OS command.\n\ud83d\udccf Published: 2023-05-23T00:00:00\n\ud83d\udccf Modified: 2025-01-17T18:20:55.636Z\n\ud83d\udd17 References:\n1. https://www.inaba.co.jp/abaniact/news/Wi-Fi%20AP%20UNIT%E3%80%8CAC-WAPU-300%E3%80%8D%E3%81%AB%E3%81%8A%E3%81%91%E3%82%8BOS%E3%82%B3%E3%83%9E%E3%83%B3%E3%83%89%E3%82%A4%E3%83%B3%E3%82%B8%E3%82%A7%E3%82%AF%E3%82%B7%E3%83%A7%E3%83%B3%E3%81%AE%E8%84%86%E5%BC%B1%E6%80%A7%E3%81%AB%E3%81%A4%E3%81%84%E3%81%A6.pdf\n2. https://jvn.jp/en/vu/JVNVU98968780/\n3. https://jvn.jp/en/jp/JVN28412757/", "creation_timestamp": "2025-01-17T18:57:05.000000Z"} 2025-01-17T18:57:05+00:00 https://db.gcve.eu/sighting/75fb7bba-46db-4e68-84b2-fa74864b4346/export 2026-05-26T02:35:55.064837+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "75fb7bba-46db-4e68-84b2-fa74864b4346", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28390", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2194", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28390\n\ud83d\udd39 Description: Privilege escalation vulnerability in SR-7100VN firmware Ver.1.38(N) and earlier and SR-7100VN #31 firmware Ver.1.21 and earlier allows a network-adjacent attacker with administrative privilege of the affected product to obtain an administrative privilege of the OS (Operating System). As a result, an arbitrary OS command may be executed.\n\ud83d\udccf Published: 2023-05-23T00:00:00\n\ud83d\udccf Modified: 2025-01-17T18:19:45.140Z\n\ud83d\udd17 References:\n1. https://www.icom.co.jp/news/7239/\n2. https://jvn.jp/en/jp/JVN80476232/", "creation_timestamp": "2025-01-17T18:57:09.000000Z"} 2025-01-17T18:57:09+00:00