<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://db.gcve.eu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-12T05:39:06.247111+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@gcve.eu</email>
  </author>
  <link href="https://db.gcve.eu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://db.gcve.eu/sighting/68547e2a-d1f4-4f36-809e-9cabfc4c992f/export</id>
    <title>68547e2a-d1f4-4f36-809e-9cabfc4c992f</title>
    <updated>2026-07-12T05:39:06.270604+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "68547e2a-d1f4-4f36-809e-9cabfc4c992f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52880", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16689", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-52880\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in Insyde InsydeH2O kernel 5.2 before version 05.29.50, kernel 5.3 before version 05.38.50, kernel 5.4 before version 05.46.50, kernel 5.5 before version 05.54.50, kernel 5.6 before version 05.61.50, and kernel 5.7 before version 05.70.50. In VariableRuntimeDxe driver, SecureBootHandler uses DataSize and VariableNameSize when determining if the data or name are in the buffer, but these are supplied by the caller and therefore cannot be trusted.\n\ud83d\udccf Published: 2025-05-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-16T14:19:59.789Z\n\ud83d\udd17 References:\n1. https://www.insyde.com/security-pledge\n2. https://www.insyde.com/security-pledge/sa-2024016/", "creation_timestamp": "2025-05-16T14:39:39.000000Z"}</content>
    <link href="https://db.gcve.eu/sighting/68547e2a-d1f4-4f36-809e-9cabfc4c992f/export"/>
    <published>2025-05-16T14:39:39+00:00</published>
  </entry>
  <entry>
    <id>https://db.gcve.eu/sighting/1151baf4-196b-468d-88d9-46a13ef13025/export</id>
    <title>1151baf4-196b-468d-88d9-46a13ef13025</title>
    <updated>2026-07-12T05:39:06.272706+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "1151baf4-196b-468d-88d9-46a13ef13025", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52888", "type": "seen", "source": "https://t.me/cvedetector/23836", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52888 - Apache Struts Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-52888 \nPublished : April 27, 2025, 8:15 a.m. | 2\u00a0hours, 20\u00a0minutes ago \nDescription : For an authenticated end-user the portal may run a script while attempting to display a directory or some file's properties. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-27T12:58:36.000000Z"}</content>
    <link href="https://db.gcve.eu/sighting/1151baf4-196b-468d-88d9-46a13ef13025/export"/>
    <published>2025-04-27T12:58:36+00:00</published>
  </entry>
  <entry>
    <id>https://db.gcve.eu/sighting/b65b5ac7-dbb3-4ae4-85fc-46966a283857/export</id>
    <title>b65b5ac7-dbb3-4ae4-85fc-46966a283857</title>
    <updated>2026-07-12T05:39:06.272783+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "b65b5ac7-dbb3-4ae4-85fc-46966a283857", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52887", "type": "seen", "source": "https://t.me/cvedetector/23835", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52887 - Shrew Soft VPN Bookmark Script Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-52887 \nPublished : April 27, 2025, 8:15 a.m. | 2\u00a0hours, 20\u00a0minutes ago \nDescription : Authenticated end-user may set a specially crafted SNX bookmark that can make their browser run a script while accessing their own bookmark list. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-27T12:58:35.000000Z"}</content>
    <link href="https://db.gcve.eu/sighting/b65b5ac7-dbb3-4ae4-85fc-46966a283857/export"/>
    <published>2025-04-27T12:58:35+00:00</published>
  </entry>
  <entry>
    <id>https://db.gcve.eu/sighting/06a81a47-110e-4db2-b9f6-161127651ef2/export</id>
    <title>06a81a47-110e-4db2-b9f6-161127651ef2</title>
    <updated>2026-07-12T05:39:06.272841+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "06a81a47-110e-4db2-b9f6-161127651ef2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52888", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lns5uau4rl2b", "content": "", "creation_timestamp": "2025-04-27T11:34:50.237155Z"}</content>
    <link href="https://db.gcve.eu/sighting/06a81a47-110e-4db2-b9f6-161127651ef2/export"/>
    <published>2025-04-27T11:34:50.237155+00:00</published>
  </entry>
  <entry>
    <id>https://db.gcve.eu/sighting/a6c0641b-aa54-480e-921b-e3fb5d5eb1f4/export</id>
    <title>a6c0641b-aa54-480e-921b-e3fb5d5eb1f4</title>
    <updated>2026-07-12T05:39:06.272895+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "a6c0641b-aa54-480e-921b-e3fb5d5eb1f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52887", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lns5uaah2t2l", "content": "", "creation_timestamp": "2025-04-27T11:34:47.862393Z"}</content>
    <link href="https://db.gcve.eu/sighting/a6c0641b-aa54-480e-921b-e3fb5d5eb1f4/export"/>
    <published>2025-04-27T11:34:47.862393+00:00</published>
  </entry>
  <entry>
    <id>https://db.gcve.eu/sighting/a4d43c9f-1d12-48b2-8bbe-9923c942039c/export</id>
    <title>a4d43c9f-1d12-48b2-8bbe-9923c942039c</title>
    <updated>2026-07-12T05:39:06.272946+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "a4d43c9f-1d12-48b2-8bbe-9923c942039c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52888", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lns563a62sp2", "content": "", "creation_timestamp": "2025-04-27T11:23:48.905369Z"}</content>
    <link href="https://db.gcve.eu/sighting/a4d43c9f-1d12-48b2-8bbe-9923c942039c/export"/>
    <published>2025-04-27T11:23:48.905369+00:00</published>
  </entry>
  <entry>
    <id>https://db.gcve.eu/sighting/f57a8f04-3896-4a53-a679-f3fb442c3542/export</id>
    <title>f57a8f04-3896-4a53-a679-f3fb442c3542</title>
    <updated>2026-07-12T05:39:06.272995+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "f57a8f04-3896-4a53-a679-f3fb442c3542", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52887", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lns564rwbto2", "content": "", "creation_timestamp": "2025-04-27T11:23:48.243191Z"}</content>
    <link href="https://db.gcve.eu/sighting/f57a8f04-3896-4a53-a679-f3fb442c3542/export"/>
    <published>2025-04-27T11:23:48.243191+00:00</published>
  </entry>
  <entry>
    <id>https://db.gcve.eu/sighting/50f2ecc3-d422-4860-a668-cd2e6d905c77/export</id>
    <title>50f2ecc3-d422-4860-a668-cd2e6d905c77</title>
    <updated>2026-07-12T05:39:06.273045+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "50f2ecc3-d422-4860-a668-cd2e6d905c77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52887", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13609", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-52887\n\ud83d\udd25 CVSS Score: 3.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: Authenticated end-user may set a specially crafted SNX bookmark that can make their browser run a script while accessing their own bookmark list.\n\ud83d\udccf Published: 2025-04-27T07:46:23.027Z\n\ud83d\udccf Modified: 2025-04-27T07:46:23.027Z\n\ud83d\udd17 References:\n1. https://support.checkpoint.com/results/sk/sk183054", "creation_timestamp": "2025-04-27T08:08:55.000000Z"}</content>
    <link href="https://db.gcve.eu/sighting/50f2ecc3-d422-4860-a668-cd2e6d905c77/export"/>
    <published>2025-04-27T08:08:55+00:00</published>
  </entry>
  <entry>
    <id>https://db.gcve.eu/sighting/da897b82-7744-4f05-bebe-23d502270ee2/export</id>
    <title>da897b82-7744-4f05-bebe-23d502270ee2</title>
    <updated>2026-07-12T05:39:06.273098+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "da897b82-7744-4f05-bebe-23d502270ee2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52888", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13608", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-52888\n\ud83d\udd25 CVSS Score: 5.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: For an authenticated end-user the portal may run a script while attempting to display a directory or some file's properties.\n\ud83d\udccf Published: 2025-04-27T07:46:53.542Z\n\ud83d\udccf Modified: 2025-04-27T07:46:53.542Z\n\ud83d\udd17 References:\n1. https://support.checkpoint.com/results/sk/sk183055", "creation_timestamp": "2025-04-27T08:08:54.000000Z"}</content>
    <link href="https://db.gcve.eu/sighting/da897b82-7744-4f05-bebe-23d502270ee2/export"/>
    <published>2025-04-27T08:08:54+00:00</published>
  </entry>
  <entry>
    <id>https://db.gcve.eu/sighting/861d9180-e9dc-4611-85f0-fec88bdc6a29/export</id>
    <title>861d9180-e9dc-4611-85f0-fec88bdc6a29</title>
    <updated>2026-07-12T05:39:06.273150+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "861d9180-e9dc-4611-85f0-fec88bdc6a29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52882", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3819", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-52882\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in AudioCodes One Voice Operations Center (OVOC) before 8.4.582. Due to improper neutralization of input via the devices API, an attacker can inject malicious JavaScript code (XSS) to attack logged-in administrator sessions.\n\ud83d\udccf Published: 2025-02-07T18:31:21Z\n\ud83d\udccf Modified: 2025-02-07T18:31:21Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-52882\n2. https://www.audiocodes.com/solutions-products/products/management-products-solutions/one-voice-operations-center\n3. https://www.syss.de/fileadmin/dokumente/Publikationen/Advisories/SYSS-2024-076.txt", "creation_timestamp": "2025-02-07T19:04:15.000000Z"}</content>
    <link href="https://db.gcve.eu/sighting/861d9180-e9dc-4611-85f0-fec88bdc6a29/export"/>
    <published>2025-02-07T19:04:15+00:00</published>
  </entry>
</feed>
