Most recent sightings.

https://db.gcve.eu/sightings/feed Most recent sightings. 2026-05-06T05:48:46.387566+00:00 Vulnerability-Lookup info@gcve.eu python-feedgen Contains only the most 10 recent sightings. https://db.gcve.eu/sighting/0c0a14e4-8c8b-4bf1-b625-4eb2e0f727e7/export 0c0a14e4-8c8b-4bf1-b625-4eb2e0f727e7 2026-05-06T05:48:46.632217+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "0c0a14e4-8c8b-4bf1-b625-4eb2e0f727e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5480", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/1995", "content": "\u200aCVE-2024-5480 (CVSS 10): Critical RCE Vulnerability in PyTorch Distributed RPC Framework\n\nhttps://securityonline.info/cve-2024-5480-cvss-10-critical-rce-vulnerability-in-pytorch-distributed-rpc-framework/", "creation_timestamp": "2024-06-09T12:23:01.000000Z"} 2024-06-09T12:23:01+00:00 https://db.gcve.eu/sighting/0068b9f4-a60a-4ae5-9be3-f96901dcf72b/export 0068b9f4-a60a-4ae5-9be3-f96901dcf72b 2026-05-06T05:48:46.632159+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "0068b9f4-a60a-4ae5-9be3-f96901dcf72b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5480", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10651", "content": "#exploit \n1. CVE-2023-6702:\nChrome Renderer 1day RCE via Type Confusion in Async Stack Trace\nhttps://github.com/kaist-hacking/CVE-2023-6702\n\n2. CVE-2023-43870:\nPaxton Net2 Root Certificate hard-coded credentials\nhttps://www.cryptic.red/post/shipping-your-private-key-cve-2023-43870-paxton-do-a-lenovo\n\n3. CVE-2024-5480:\nPyTorch Distributed RPC Framework RCE\nhttps://huntr.com/bounties/39811836-c5b3-4999-831e-46fee8fcade3", "creation_timestamp": "2024-06-10T20:17:20.000000Z"} 2024-06-10T20:17:20+00:00 https://db.gcve.eu/sighting/e0613209-272a-40de-ba8e-6a88e1744fc0/export e0613209-272a-40de-ba8e-6a88e1744fc0 2026-05-06T05:48:46.632104+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "e0613209-272a-40de-ba8e-6a88e1744fc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-54809", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9770", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-54809\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Netgear Inc WNR854T 1.5.2 (North America) contains a stack-based buffer overflow vulnerability in the parse_st_header function due to use of a request header parameter in a strncpy where size is determined based on the input specified. By sending a specially crafted packet, an attacker can take control of the program counter and hijack control flow of the program to execute arbitrary system commands.\n\ud83d\udccf Published: 2025-03-31T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-31T20:47:50.111Z\n\ud83d\udd17 References:\n1. https://faultpoint.com/post/2025-03-25-8-cves-on-the-wnr854t-junkyard/#809", "creation_timestamp": "2025-03-31T21:31:34.000000Z"} 2025-03-31T21:31:34+00:00 https://db.gcve.eu/sighting/d5dff9bc-de4a-43a5-a451-58f8cc1c3688/export d5dff9bc-de4a-43a5-a451-58f8cc1c3688 2026-05-06T05:48:46.632055+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "d5dff9bc-de4a-43a5-a451-58f8cc1c3688", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-54808", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9771", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-54808\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Netgear WNR854T 1.5.2 (North America) contains a stack-based buffer overflow vulnerability in the SetDefaultConnectionService function due to an unconstrained use of sscanf. The vulnerability allows for control of the program counter and can be utilized to achieve arbitrary code execution.\n\ud83d\udccf Published: 2025-03-31T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-31T20:47:09.614Z\n\ud83d\udd17 References:\n1. https://faultpoint.com/post/2025-03-25-8-cves-on-the-wnr854t-junkyard/#808", "creation_timestamp": "2025-03-31T21:31:35.000000Z"} 2025-03-31T21:31:35+00:00 https://db.gcve.eu/sighting/0468ee78-27c0-4877-b2ea-0c05d63ac3ae/export 0468ee78-27c0-4877-b2ea-0c05d63ac3ae 2026-05-06T05:48:46.632003+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "0468ee78-27c0-4877-b2ea-0c05d63ac3ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-54807", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9772", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-54807\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In Netgear WNR854T 1.5.2 (North America), the UPNP service is vulnerable to command injection in the function addmap_exec which parses the NewInternalClient parameter of the AddPortMapping SOAPAction into a system call without sanitation. An attacker can send a specially crafted SOAPAction request for AddPortMapping via the router's WANIPConn1 service to achieve arbitrary command execution.\n\ud83d\udccf Published: 2025-03-31T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-31T20:46:38.611Z\n\ud83d\udd17 References:\n1. https://faultpoint.com/post/2025-03-25-8-cves-on-the-wnr854t-junkyard/#807", "creation_timestamp": "2025-03-31T21:31:36.000000Z"} 2025-03-31T21:31:36+00:00 https://db.gcve.eu/sighting/75c106d8-3ba6-4518-9c59-db0bd40bbd3d/export 75c106d8-3ba6-4518-9c59-db0bd40bbd3d 2026-05-06T05:48:46.631950+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "75c106d8-3ba6-4518-9c59-db0bd40bbd3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-54806", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9773", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-54806\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Netgear WNR854T 1.5.2 (North America) is vulnerable to Arbitrary command execution in cmd.cgi which allows for the execution of system commands via the web interface.\n\ud83d\udccf Published: 2025-03-31T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-31T20:45:57.318Z\n\ud83d\udd17 References:\n1. https://faultpoint.com/post/2025-03-25-8-cves-on-the-wnr854t-junkyard/#806", "creation_timestamp": "2025-03-31T21:31:37.000000Z"} 2025-03-31T21:31:37+00:00 https://db.gcve.eu/sighting/873a784c-721f-4cb1-b463-dfdfd8f0f1ff/export 873a784c-721f-4cb1-b463-dfdfd8f0f1ff 2026-05-06T05:48:46.631897+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "873a784c-721f-4cb1-b463-dfdfd8f0f1ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-54805", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9774", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-54805\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. An attacker can send a specially crafted request to post.cgi, updating the nvram parameter get_email. After which, they can visit the send_log.cgi endpoint which uses the parameter in a system call to achieve command execution.\n\ud83d\udccf Published: 2025-03-31T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-31T20:44:28.739Z\n\ud83d\udd17 References:\n1. https://faultpoint.com/post/2025-03-25-8-cves-on-the-wnr854t-junkyard/#805", "creation_timestamp": "2025-03-31T21:31:38.000000Z"} 2025-03-31T21:31:38+00:00 https://db.gcve.eu/sighting/3dee84a7-d57a-4386-a2db-320199133699/export 3dee84a7-d57a-4386-a2db-320199133699 2026-05-06T05:48:46.631841+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "3dee84a7-d57a-4386-a2db-320199133699", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-54804", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9775", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-54804\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. An attacker can send a specially crafted request to post.cgi, updating the nvram parameter wan_hostname and forcing a reboot. This will result in command injection.\n\ud83d\udccf Published: 2025-03-31T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-31T20:43:42.235Z\n\ud83d\udd17 References:\n1. https://faultpoint.com/post/2025-03-25-8-cves-on-the-wnr854t-junkyard/#804", "creation_timestamp": "2025-03-31T21:31:39.000000Z"} 2025-03-31T21:31:39+00:00 https://db.gcve.eu/sighting/b0bb15d0-db27-4456-85e2-91937b647bfd/export b0bb15d0-db27-4456-85e2-91937b647bfd 2026-05-06T05:48:46.631762+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "b0bb15d0-db27-4456-85e2-91937b647bfd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-54803", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9776", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-54803\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Netgear WNR854T 1.5.2 (North America) is vulnerable to Command Injection. An attacker can send a specially crafted request to post.cgi, updating the nvram parameter pppoe_peer_mac and forcing a reboot. This will result in command injection.\n\ud83d\udccf Published: 2025-03-31T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-31T20:42:44.512Z\n\ud83d\udd17 References:\n1. https://faultpoint.com/post/2025-03-25-8-cves-on-the-wnr854t-junkyard/#803", "creation_timestamp": "2025-03-31T21:31:43.000000Z"} 2025-03-31T21:31:43+00:00 https://db.gcve.eu/sighting/90f7ff52-4c34-4582-b177-ebcd03443a12/export 90f7ff52-4c34-4582-b177-ebcd03443a12 2026-05-06T05:48:46.629946+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "90f7ff52-4c34-4582-b177-ebcd03443a12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-54802", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9777", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-54802\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In Netgear WNR854T 1.5.2 (North America), the UPNP service (/usr/sbin/upnp) is vulnerable to stack-based buffer overflow in the M-SEARCH Host header.\n\ud83d\udccf Published: 2025-03-31T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-31T20:41:54.951Z\n\ud83d\udd17 References:\n1. https://faultpoint.com/post/2025-03-25-8-cves-on-the-wnr854t-junkyard/#802", "creation_timestamp": "2025-03-31T21:31:44.000000Z"} 2025-03-31T21:31:44+00:00