https://db.gcve.eu/sightings/feed 2026-05-06T03:02:08.584329+00:00 Vulnerability-Lookup info@gcve.eu python-feedgen Contains only the most 10 recent sightings. https://db.gcve.eu/sighting/ef6ff178-8e55-4e92-a106-7eb5dccadb9a/export 2026-05-06T03:02:08.865674+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "ef6ff178-8e55-4e92-a106-7eb5dccadb9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28652", "type": "seen", "source": "https://t.me/cibsecurity/60828", "content": "\u203c CVE-2023-28652 \u203c\n\nAn authenticated malicious user could successfully upload a malicious image could lead to a denial-of-service condition.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-28T00:38:05.000000Z"} 2023-03-28T00:38:05+00:00 https://db.gcve.eu/sighting/5f880e10-c10d-4063-965d-635897795f6f/export 2026-05-06T03:02:08.865532+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "5f880e10-c10d-4063-965d-635897795f6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28650", "type": "seen", "source": "https://t.me/cibsecurity/60835", "content": "\u203c CVE-2023-28650 \u203c\n\nAn unauthenticated remote attacker could provide a malicious link and trick an unsuspecting user into clicking on it. If clicked, the attacker could execute the malicious JavaScript (JS) payload in the target\u00e2\u20ac\u2122s security context.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-28T00:38:12.000000Z"} 2023-03-28T00:38:12+00:00 https://db.gcve.eu/sighting/44d44959-5e47-4449-83e6-289c00a7488f/export 2026-05-06T03:02:08.865386+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "44d44959-5e47-4449-83e6-289c00a7488f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28654", "type": "seen", "source": "https://t.me/cibsecurity/60975", "content": "\u203c CVE-2023-28654 \u203c\n\nOsprey Pump Controller version 1.01 has a hidden administrative account that has the hardcoded password that allows full access to the web management interface configuration. The user is not visible in Usernames and Passwords menu list of the application and the password cannot be changed through any normal operation of the device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-29T00:52:54.000000Z"} 2023-03-29T00:52:54+00:00 https://db.gcve.eu/sighting/8a9bff8f-a6b6-4483-b250-db4ff5811fa0/export 2026-05-06T03:02:08.865239+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "8a9bff8f-a6b6-4483-b250-db4ff5811fa0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28658", "type": "seen", "source": "https://t.me/cibsecurity/68286", "content": "\u203c CVE-2023-28658 \u203c\n\nInsecure inherited permissions in some Intel(R) oneMKL software before version 2022.0 may allow an authenticated user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-11T07:29:20.000000Z"} 2023-08-11T07:29:20+00:00 https://db.gcve.eu/sighting/9b572a2d-2578-452f-958f-347cf996d332/export 2026-05-06T03:02:08.865074+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "9b572a2d-2578-452f-958f-347cf996d332", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28651", "type": "seen", "source": "https://t.me/arpsyndicate/2391", "content": "#ExploitObserverAlert\n\nCVE-2023-28651\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-28651. Cross-site scripting vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. If a user who can access the affected product with an administrative privilege configures specially crafted settings, an arbitrary script may be executed on the web browser of the other user who is accessing the affected product with an administrative privilege.\n\nFIRST-EPSS: 0.000530000\nNVD-IS: 2.7\nNVD-ES: 1.7", "creation_timestamp": "2024-01-04T00:46:17.000000Z"} 2024-01-04T00:46:17+00:00 https://db.gcve.eu/sighting/35016371-6eab-4f22-9d7b-1c58163003e5/export 2026-05-06T03:02:08.864917+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "35016371-6eab-4f22-9d7b-1c58163003e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28653", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/502", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28653\n\ud83d\udd39 Description: \n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\n\nThe affected application lacks proper validation of user-supplied data when parsing project files (e.g., CSP). This could lead to a use-after-free vulnerability. An attacker could leverage this vulnerability to execute arbitrary code in the context of the current process. \n\n \n\n \n\n \n\n\n\n \n\n\n\n\n\n\n\n\n\ud83d\udccf Published: 2023-06-06T16:42:49.346Z\n\ud83d\udccf Modified: 2025-01-07T18:34:18.182Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/news-events/ics-advisories/icsa-23-143-04", "creation_timestamp": "2025-01-07T18:37:09.000000Z"} 2025-01-07T18:37:09+00:00 https://db.gcve.eu/sighting/aa706c24-0630-4f54-8af0-616fffb3c574/export 2026-05-06T03:02:08.864756+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "aa706c24-0630-4f54-8af0-616fffb3c574", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28657", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1067", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28657\n\ud83d\udd39 Description: Improper access control vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. A user of the PC where the affected product is installed may gain an administrative privilege. As a result, information regarding the product may be obtained and/or altered by the user.\n\ud83d\udccf Published: 2023-06-01T00:00:00\n\ud83d\udccf Modified: 2025-01-09T19:32:38.643Z\n\ud83d\udd17 References:\n1. https://www.contec.com/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_chs_230531_en.pdf\n2. https://www.contec.com/jp/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_chs_230531_jp.pdf\n3. https://jvn.jp/en/vu/JVNVU93372935/", "creation_timestamp": "2025-01-09T20:18:05.000000Z"} 2025-01-09T20:18:05+00:00 https://db.gcve.eu/sighting/ad507b2a-93a7-437b-8cd5-fe8128327c80/export 2026-05-06T03:02:08.864585+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "ad507b2a-93a7-437b-8cd5-fe8128327c80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28651", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1075", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28651\n\ud83d\udd39 Description: Cross-site scripting vulnerability exists in CONPROSYS HMI System (CHS) versions prior to 3.5.3. If a user who can access the affected product with an administrative privilege configures specially crafted settings, an arbitrary script may be executed on the web browser of the other user who is accessing the affected product with an administrative privilege.\n\ud83d\udccf Published: 2023-06-01T00:00:00\n\ud83d\udccf Modified: 2025-01-09T20:52:29.606Z\n\ud83d\udd17 References:\n1. https://www.contec.com/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_chs_230531_en.pdf\n2. https://www.contec.com/jp/api/downloadlogger?download=/-/media/Contec/jp/support/security-info/contec_security_chs_230531_jp.pdf\n3. https://jvn.jp/en/vu/JVNVU93372935/", "creation_timestamp": "2025-01-09T21:15:54.000000Z"} 2025-01-09T21:15:54+00:00 https://db.gcve.eu/sighting/dda7fa2c-4936-4b30-b293-9ea2e6e3cc1c/export 2026-05-06T03:02:08.864377+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "dda7fa2c-4936-4b30-b293-9ea2e6e3cc1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28652", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2180", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28652\n\ud83d\udd39 Description: An authenticated malicious user could successfully upload a malicious image could lead to a denial-of-service condition.\n\ud83d\udccf Published: 2023-03-27T19:29:45.917Z\n\ud83d\udccf Modified: 2025-01-17T17:38:34.744Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-03", "creation_timestamp": "2025-01-17T17:57:15.000000Z"} 2025-01-17T17:57:15+00:00 https://db.gcve.eu/sighting/70c867d1-b8a4-455b-a935-d67923a3a5f3/export 2026-05-06T03:02:08.862412+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "70c867d1-b8a4-455b-a935-d67923a3a5f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28655", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2187", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28655\n\ud83d\udd39 Description: A malicious user could leverage this vulnerability to escalate privileges or perform unauthorized actions in the context of the targeted privileged users.\n\ud83d\udccf Published: 2023-03-27T19:38:44.049Z\n\ud83d\udccf Modified: 2025-01-17T17:34:32.909Z\n\ud83d\udd17 References:\n1. https://www.cisa.gov/news-events/ics-advisories/icsa-23-082-03", "creation_timestamp": "2025-01-17T17:57:23.000000Z"} 2025-01-17T17:57:23+00:00