https://db.gcve.eu/sightings/feed 2026-05-01T15:44:02.216908+00:00 Vulnerability-Lookup info@gcve.eu python-feedgen Contains only the most 10 recent sightings. https://db.gcve.eu/sighting/e0284810-4eea-4854-bca3-8a9a63e1533b/export 2026-05-01T15:44:02.441142+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "e0284810-4eea-4854-bca3-8a9a63e1533b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55887", "type": "seen", "source": "https://t.me/cvedetector/12896", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-55887 - Ucum-Java XML External Entity Injection Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-55887 \nPublished : Dec. 13, 2024, 4:15 p.m. | 43\u00a0minutes ago \nDescription : Ucum-java is a FHIR Java library providing UCUM Services. In versions prior to 1.0.9, XML parsing performed by the UcumEssenceService is vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts use cases where ucum is being used to within a host where external clients can submit XML. Release 1.0.9 of Ucum-java fixes this vulnerability. As a workaround, ensure that the source xml for instantiating UcumEssenceService is trusted. \nSeverity: 8.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"13 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-13T18:17:15.000000Z"} 2024-12-13T18:17:15+00:00 https://db.gcve.eu/sighting/75d1dff3-2844-425f-93a1-24c475f8c989/export 2026-05-01T15:44:02.441094+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "75d1dff3-2844-425f-93a1-24c475f8c989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55884", "type": "seen", "source": "https://t.me/CyberBulletin/1756", "content": "\u26a1\ufe0fCVE-2024-55884 (CVSS 9.0): Critical Vulnerability Found in Mullvad VPN.\n\n#CyberBulletin", "creation_timestamp": "2024-12-16T05:51:19.000000Z"} 2024-12-16T05:51:19+00:00 https://db.gcve.eu/sighting/b060dd03-6a7c-4a15-b89c-c04313efe39f/export 2026-05-01T15:44:02.441043+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "b060dd03-6a7c-4a15-b89c-c04313efe39f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55884", "type": "seen", "source": "https://t.me/CyberBulletin/26818", "content": "\u26a1\ufe0fCVE-2024-55884 (CVSS 9.0): Critical Vulnerability Found in Mullvad VPN.\n\n#CyberBulletin", "creation_timestamp": "2024-12-16T05:51:19.000000Z"} 2024-12-16T05:51:19+00:00 https://db.gcve.eu/sighting/f362d431-9bda-48cf-9d30-95784af65ed6/export 2026-05-01T15:44:02.440992+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "f362d431-9bda-48cf-9d30-95784af65ed6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55881", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfhs5rvfru25", "content": "", "creation_timestamp": "2025-01-11T13:17:13.486700Z"} 2025-01-11T13:17:13.486700+00:00 https://db.gcve.eu/sighting/6f892d7a-23e5-40ad-bfe2-c12a21f569fd/export 2026-05-01T15:44:02.440941+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "6f892d7a-23e5-40ad-bfe2-c12a21f569fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55881", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfhtoclm4m2h", "content": "", "creation_timestamp": "2025-01-11T13:44:22.507493Z"} 2025-01-11T13:44:22.507493+00:00 https://db.gcve.eu/sighting/ae11f292-5865-42b4-a833-70c1ecf0d87a/export 2026-05-01T15:44:02.440874+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "ae11f292-5865-42b4-a833-70c1ecf0d87a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55881", "type": "seen", "source": "https://t.me/cvedetector/15072", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-55881 - \"KVM AMD x86 Hypercall Detection Vulnerability\"\", \n \"Content\": \"CVE ID : CVE-2024-55881 \nPublished : Jan. 11, 2025, 1:15 p.m. | 35\u00a0minutes ago \nDescription : In the Linux kernel, the following vulnerability has been resolved: \n \nKVM: x86: Play nice with protected guests in complete_hypercall_exit() \n \nUse is_64_bit_hypercall() instead of is_64_bit_mode() to detect a 64-bit \nhypercall when completing said hypercall. For guests with protected state, \ne.g. SEV-ES and SEV-SNP, KVM must assume the hypercall was made in 64-bit \nmode as the vCPU state needed to detect 64-bit mode is unavailable. \n \nHacking the sev_smoke_test selftest to generate a KVM_HC_MAP_GPA_RANGE \nhypercall via VMGEXIT trips the WARN: \n \n ------------[ cut here ]------------ \n WARNING: CPU: 273 PID: 326626 at arch/x86/kvm/x86.h:180 complete_hypercall_exit+0x44/0xe0 [kvm] \n Modules linked in: kvm_amd kvm ... [last unloaded: kvm] \n CPU: 273 UID: 0 PID: 326626 Comm: sev_smoke_test Not tainted 6.12.0-smp--392e932fa0f3-feat #470 \n Hardware name: Google Astoria/astoria, BIOS 0.20240617.0-0 06/17/2024 \n RIP: 0010:complete_hypercall_exit+0x44/0xe0 [kvm] \n Call Trace: \n \n kvm_arch_vcpu_ioctl_run+0x2400/0x2720 [kvm] \n kvm_vcpu_ioctl+0x54f/0x630 [kvm] \n __se_sys_ioctl+0x6b/0xc0 \n do_syscall_64+0x83/0x160 \n entry_SYSCALL_64_after_hwframe+0x76/0x7e \n \n ---[ end trace 0000000000000000 ]--- \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-11T14:55:25.000000Z"} 2025-01-11T14:55:25+00:00 https://db.gcve.eu/sighting/5b53bf4a-2d26-46c0-a2b2-9f5325203e7a/export 2026-05-01T15:44:02.440790+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "5b53bf4a-2d26-46c0-a2b2-9f5325203e7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5588", "type": "seen", "source": "Telegram/646mn707z2aukIdMIE8y42TevM_HCExiW9LUaPOyfXFp40gm", "content": "", "creation_timestamp": "2025-02-14T10:01:40.000000Z"} 2025-02-14T10:01:40+00:00 https://db.gcve.eu/sighting/ccc25f70-4272-4cb9-aa4e-92e0faf813c7/export 2026-05-01T15:44:02.440578+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "ccc25f70-4272-4cb9-aa4e-92e0faf813c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55889", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lmzyvzbvee2u", "content": "", "creation_timestamp": "2025-04-17T21:02:37.104935Z"} 2025-04-17T21:02:37.104935+00:00 https://db.gcve.eu/sighting/d1befeaa-c79e-49cc-9608-a3e819b09b9f/export 2026-05-01T15:44:02.440269+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "d1befeaa-c79e-49cc-9608-a3e819b09b9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55884", "type": "seen", "source": "https://t.me/CyberBulletin/10688", "content": "Unlike the Ivanti vulnerabilities, exploitation here requires valid user credentials. By submitting specially crafted session attributes during SSL VPN establishment, an authenticated attacker could repeatedly crash the VPN server, disrupting service for legitimate users.\n\nWhile the server automatically recovers after each crash, sustained exploitation could render VPN services effectively unusable for extended periods.\n\n\n---\n\nCVE-2024-55884: Critical Vulnerability in Mullvad VPN Applications\n\nIn an independent white-box security review conducted by X41 D-Sec GmbH, several serious vulnerabilities were discovered in Mullvad VPN across all platforms. The most severe, CVE-2024-55884 (CVSS 9.0), involved an out-of-bounds memory write caused by insufficiently sized alternate signal stacks in exception handlers.\n\nImpact:\n\nUnder carefully engineered conditions, an attacker could remotely trigger signals causing memory corruption, potentially leading to heap overflows and application compromise. The underlying issue stemmed from poor management of Unix signal handling (exception_logging/unix.rs).\n\n\n---\n\nConclusion\n\nThe vulnerabilities revealed over the past six months provide a stark reminder: VPNs, while often marketed as silver bullets for privacy and security, can themselves introduce significant risks. As sophisticated threat actors continue targeting VPN infrastructures, organizations and individuals must remain vigilant \u2014 promptly applying patches, retiring unsupported systems, and reassessing their dependency on VPN technologies as a cornerstone of security strategies.\n\nSecurity through obscurity is no longer sufficient. Zero-trust principles, segmentation, and layered defenses must complement traditional VPN deployments to effectively mitigate modern threats.\n\n#HackersFactory", "creation_timestamp": "2025-04-27T03:42:30.000000Z"} 2025-04-27T03:42:30+00:00 https://db.gcve.eu/sighting/bfd267df-df21-4769-a55b-417b2e7c92f0/export 2026-05-01T15:44:02.438139+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "bfd267df-df21-4769-a55b-417b2e7c92f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55884", "type": "seen", "source": "https://t.me/CyberBulletin/3125", "content": "Unlike the Ivanti vulnerabilities, exploitation here requires valid user credentials. By submitting specially crafted session attributes during SSL VPN establishment, an authenticated attacker could repeatedly crash the VPN server, disrupting service for legitimate users.\n\nWhile the server automatically recovers after each crash, sustained exploitation could render VPN services effectively unusable for extended periods.\n\n\n---\n\nCVE-2024-55884: Critical Vulnerability in Mullvad VPN Applications\n\nIn an independent white-box security review conducted by X41 D-Sec GmbH, several serious vulnerabilities were discovered in Mullvad VPN across all platforms. The most severe, CVE-2024-55884 (CVSS 9.0), involved an out-of-bounds memory write caused by insufficiently sized alternate signal stacks in exception handlers.\n\nImpact:\n\nUnder carefully engineered conditions, an attacker could remotely trigger signals causing memory corruption, potentially leading to heap overflows and application compromise. The underlying issue stemmed from poor management of Unix signal handling (exception_logging/unix.rs).\n\n\n---\n\nConclusion\n\nThe vulnerabilities revealed over the past six months provide a stark reminder: VPNs, while often marketed as silver bullets for privacy and security, can themselves introduce significant risks. As sophisticated threat actors continue targeting VPN infrastructures, organizations and individuals must remain vigilant \u2014 promptly applying patches, retiring unsupported systems, and reassessing their dependency on VPN technologies as a cornerstone of security strategies.\n\nSecurity through obscurity is no longer sufficient. Zero-trust principles, segmentation, and layered defenses must complement traditional VPN deployments to effectively mitigate modern threats.\n\n#HackersFactory", "creation_timestamp": "2025-04-27T05:42:31.000000Z"} 2025-04-27T05:42:31+00:00