https://db.gcve.eu/sightings/feedMost recent sightings.2026-06-04T08:33:14.341822+00:00Vulnerability-Lookupinfo@gcve.eupython-feedgenContains only the most 10 recent sightings.https://db.gcve.eu/sighting/ce80500f-41cf-4dc3-873d-056707f962ba/exportce80500f-41cf-4dc3-873d-056707f962ba2026-06-04T08:33:14.577189+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "ce80500f-41cf-4dc3-873d-056707f962ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45030", "type": "seen", "source": "https://t.me/cvedetector/5372", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-45030 - Intel igb Linux Kernel Fragment Corruption Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-45030 \nPublished : Sept. 11, 2024, 4:15 p.m. | 16\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nigb: cope with large MAX_SKB_FRAGS \n \nSabrina reports that the igb driver does not cope well with large \nMAX_SKB_FRAG values: setting MAX_SKB_FRAG to 45 causes payload \ncorruption on TX. \n \nAn easy reproducer is to run ssh to connect to the machine. With \nMAX_SKB_FRAGS=17 it works, with MAX_SKB_FRAGS=45 it fails. This has \nbeen reported originally in \n \n \nThe root cause of the issue is that the driver does not take into \naccount properly the (possibly large) shared info size when selecting \nthe ring layout, and will try to fit two packets inside the same 4K \npage even when the 1st fraglist will trump over the 2nd head. \n \nAddress the issue by checking if 2K buffers are insufficient. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-11T18:41:27.000000Z"}2024-09-11T18:41:27+00:00https://db.gcve.eu/sighting/6bf53e23-5669-4192-9df0-ec598e59c6ee/export6bf53e23-5669-4192-9df0-ec598e59c6ee2026-06-04T08:33:14.577091+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "6bf53e23-5669-4192-9df0-ec598e59c6ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45031", "type": "seen", "source": "https://t.me/cvedetector/8803", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-45031 - Apache Syncope Stored Cross-Site Scripting (XSS) Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-45031 \nPublished : Oct. 24, 2024, 3:15 p.m. | 19\u00a0minutes ago \nDescription : When editing objects in the Syncope Console, incomplete HTML tags could be used to bypass HTML sanitization. This made it possible to inject stored XSS payloads which would trigger for other users during ordinary usage of the application. \nXSS payloads could also be injected in Syncope Enduser when editing \u201cPersonal Information\u201d or \u201cUser Requests\u201d: such payloads would trigger for administrators in Syncope Console, thus enabling session hijacking. \n \nUsers are recommended to upgrade to version 3.0.9, which fixes this issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"24 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-24T17:39:16.000000Z"}2024-10-24T17:39:16+00:00https://db.gcve.eu/sighting/58f5b2c2-700c-4c52-9e8f-b50132975407/export58f5b2c2-700c-4c52-9e8f-b501329754072026-06-04T08:33:14.576999+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "58f5b2c2-700c-4c52-9e8f-b50132975407", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45031", "type": "seen", "source": "https://t.me/HackerArsenal/625", "content": "\u203c\ufe0f CVE-2024-45031 \u203c\ufe0f\n\nWhen editing objects in the Syncope Console, incomplete HTML tags could be used to bypass HTML sanitization. This made it possible to inject stored XSS payloads which would trigger for other users during ordinary usage of the application. XSS payloads could also be injected in Syncope Enduser when editing Personal Information or User Requests such payloads would trigger for administrators in Syncope Console, thus enabling session hijacking. Users are recommended to upgrade to version 3.0.9, which fixes this issue.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"National Vulnerability Database\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity_CVEs", "creation_timestamp": "2024-10-24T20:06:50.000000Z"}2024-10-24T20:06:50+00:00https://db.gcve.eu/sighting/c12a36a9-240c-4dd0-8f9d-337dcd729fba/exportc12a36a9-240c-4dd0-8f9d-337dcd729fba2026-06-04T08:33:14.576859+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "c12a36a9-240c-4dd0-8f9d-337dcd729fba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45033", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113791870409998283", "content": "", "creation_timestamp": "2025-01-08T08:49:08.107904Z"}2025-01-08T08:49:08.107904+00:00https://db.gcve.eu/sighting/2726bd71-81c2-4d30-8816-f21d0a5fc928/export2726bd71-81c2-4d30-8816-f21d0a5fc9282026-06-04T08:33:14.576641+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "2726bd71-81c2-4d30-8816-f21d0a5fc928", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45033", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/679", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-45033\n\ud83d\udd39 Description: Insufficient Session Expiration vulnerability in Apache Airflow Fab Provider.\n\nThis issue affects Apache Airflow Fab Provider: before 1.5.2.\n\nWhen user password has been changed with admin CLI, the sessions for that user have not been cleared, leading to insufficient session expiration, thus logged users could continue to be logged in even after the password was changed. This only happened when the password was changed with CLI. The problem does not happen in case change was done with webserver thus this is different from\u00a0 CVE-2023-40273 https://github.com/advisories/GHSA-pm87-24wq-r8w9 \u00a0which was addressed in Apache-Airflow 2.7.0\n\n\nUsers are recommended to upgrade to version 1.5.2, which fixes the issue.\n\ud83d\udccf Published: 2025-01-08T08:41:39.579Z\n\ud83d\udccf Modified: 2025-01-08T08:41:39.579Z\n\ud83d\udd17 References:\n1. https://github.com/apache/airflow/pull/45139\n2. https://lists.apache.org/thread/yw535346rk766ybzpqtvrl36sjj789st", "creation_timestamp": "2025-01-08T09:12:24.000000Z"}2025-01-08T09:12:24+00:00https://db.gcve.eu/sighting/81e48291-6db2-4e69-9fbb-39ef9163a654/export81e48291-6db2-4e69-9fbb-39ef9163a6542026-06-04T08:33:14.576439+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "81e48291-6db2-4e69-9fbb-39ef9163a654", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45033", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf7tba3pni22", "content": "", "creation_timestamp": "2025-01-08T09:15:44.370026Z"}2025-01-08T09:15:44.370026+00:00https://db.gcve.eu/sighting/13018462-c14f-47bd-a8b6-25f97d5d7260/export13018462-c14f-47bd-a8b6-25f97d5d72602026-06-04T08:33:14.576186+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "13018462-c14f-47bd-a8b6-25f97d5d7260", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45033", "type": "seen", "source": "https://t.me/cvedetector/14673", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-45033 - Apache Airflow Fab Provider Insufficient Session Expiration Remote Authentication Bypass\", \n \"Content\": \"CVE ID : CVE-2024-45033 \nPublished : Jan. 8, 2025, 9:15 a.m. | 30\u00a0minutes ago \nDescription : Insufficient Session Expiration vulnerability in Apache Airflow Fab Provider. \n \nThis issue affects Apache Airflow Fab Provider: before 1.5.2. \n \nWhen user password has been changed with admin CLI, the sessions for that user have not been cleared, leading to insufficient session expiration, thus logged users could continue to be logged in even after the password was changed. This only happened when the password was changed with CLI. The problem does not happen in case change was done with webserver thus this is different from\u00a0 CVE-2023-40273 \u00a0which was addressed in Apache-Airflow 2.7.0 \n \n \nUsers are recommended to upgrade to version 1.5.2, which fixes the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"08 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-08T10:47:49.000000Z"}2025-01-08T10:47:49+00:00https://db.gcve.eu/sighting/d581d9cc-3dff-4f51-a061-94a8d2bf0563/exportd581d9cc-3dff-4f51-a061-94a8d2bf05632026-06-04T08:33:14.575954+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "d581d9cc-3dff-4f51-a061-94a8d2bf0563", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45033", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf7yqhc2km2k", "content": "", "creation_timestamp": "2025-01-08T10:53:44.005273Z"}2025-01-08T10:53:44.005273+00:00https://db.gcve.eu/sighting/95a4f653-5de5-491a-b33a-4ec2c816d49f/export95a4f653-5de5-491a-b33a-4ec2c816d49f2026-06-04T08:33:14.575692+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "95a4f653-5de5-491a-b33a-4ec2c816d49f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45033", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113793283502587294", "content": "", "creation_timestamp": "2025-01-08T14:48:30.929165Z"}2025-01-08T14:48:30.929165+00:00https://db.gcve.eu/sighting/25335a05-c2c0-44a8-a5e9-fc8f583b953b/export25335a05-c2c0-44a8-a5e9-fc8f583b953b2026-06-04T08:33:14.573299+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "25335a05-c2c0-44a8-a5e9-fc8f583b953b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45033", "type": "seen", "source": "https://bsky.app/profile/infosec.skyfleet.blue/post/3lfaj3hdb4p25", "content": "", "creation_timestamp": "2025-01-08T15:46:13.324355Z"}2025-01-08T15:46:13.324355+00:00