https://db.gcve.eu/sightings/feed 2026-05-02T22:42:20.967846+00:00 Vulnerability-Lookup info@gcve.eu python-feedgen Contains only the most 10 recent sightings. https://db.gcve.eu/sighting/8532134d-4d87-4558-9e9c-0a5f81d72352/export 2026-05-02T22:42:21.315189+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "8532134d-4d87-4558-9e9c-0a5f81d72352", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31664", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4380", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-31664 WSO2\nURL\uff1ahttps://github.com/adilkhan7/CVE-2023-31664\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-05-19T05:57:43.000000Z"} 2023-05-19T05:57:43+00:00 https://db.gcve.eu/sighting/f49b170a-633b-41f7-9b99-16faa2d1a256/export 2026-05-02T22:42:21.315124+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "f49b170a-633b-41f7-9b99-16faa2d1a256", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31664", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8333", "content": "#exploit\n1. CVE-2023-31664:\nXSS in WSO2 API Manager\nhttps://github.com/adilkhan7/CVE-2023-31664\n\n2. CVE-2023-29919:\nArbitrary read file vulnerability in SolarView Compact <6.0\nhttps://github.com/xiaosed/CVE-2023-29919", "creation_timestamp": "2023-05-20T21:32:30.000000Z"} 2023-05-20T21:32:30+00:00 https://db.gcve.eu/sighting/f7fafb77-d9db-4410-937b-efdeecda8c08/export 2026-05-02T22:42:21.315024+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "f7fafb77-d9db-4410-937b-efdeecda8c08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31664", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3038", "content": "Tools - Hackers Factory \n\n\u200b\u200bPuredns\n\nA fast domain resolver and subdomain bruteforcing tool that can accurately filter out wildcard subdomains and DNS poisoned entries.\n\nhttps://github.com/d3mondev/puredns\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bCVE-2021-41091\n\nThis exploit offers an in-depth look at the CVE-2021-41091 security vulnerability and provides a step-by-step guide on how to utilize the exploit script to achieve privilege escalation on a host.\n\nhttps://github.com/UncleJ4ck/CVE-2021-41091\n\n#cve #infosec #exploit\n\n\u200b\u200bSSH-Harvester\n\nHarvest passwords automatically from OpenSSH server.\n\nhttps://github.com/jm33-m0/SSH-Harvester\n\n#infosec #pentesting #redteam\n\n\u200b\u200bEATGuard\n\nImplementation of an export address table protection mitigation, like Export Address Filtering (EAF)\n\nhttps://github.com/connormcgarr/EATGuard\n\n#cybersecurity #infosec\n\n\u200b\u200bMS17-010 Exploit Code\n\nThis is just an semi-automated fully working, no-bs, non-metasploit version of the public exploit code for MS17-010.\n\nhttps://github.com/3ndG4me/AutoBlue-MS17-010\n\n#exploit #cybersecurity #infosec\n\n\u200b\u200bWSLHostPatcher\n\nDynamic patch WSL2 to listen port on any interfaces.\n\nhttps://github.com/CzBiX/WSLHostPatcher\n\n#cybersecurity #infosec\n\n\u200b\u200bIvySyn\n\nA fully-automated framework for discovering memory error vulnerabilities in Deep Learning (DL) frameworks.\n\nhttps://gitlab.com/brown-ssl/ivysyn\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bCVE-2023-31664\n\nA reflected cross-site scripting (XSS) vulnerability in /authenticationendpoint/login.do of WSO2 Api Manager below v4.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the tenantDomain parameter.\n\nhttps://github.com/adilkhan7/CVE-2023-31664\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bPowerLessShell\n\nPowerLessShell rely on MSBuild.exe to remotely execute PowerShell scripts and commands without spawning powershell.exe. You can also execute raw shellcode using the same approach.\n\nhttps://github.com/Mr-Un1k0d3r/PowerLessShell\n\n#infosec #pentesting #redteam\n\n\u200b\u200bSAP_Cloud_Connector_SSFS_Decryption\n\nThis repository offers a Proof of Concept (PoC) for decrypting SAP Cloud Connector SSFS. The core feature of this PoC is the exploitation of an exported function - getRecord, present in the libsapscc20jni.so file. The advantage is that you can decrypt the SSFS properties values WITHOUT REVERSING THE ECRYPTION ALGORITHM.\n\nhttps://github.com/redrays-io/SAP_Cloud_Connector_SSFS_Decryption\n\n#cybersecurity #infosec #poc\n\n\u200b\u200bFuzzing Templates\n\nCommunity curated list of fuzzing templates for the nuclei engine to find unknown security vulnerabilities.\n\nhttps://github.com/projectdiscovery/fuzzing-templates\n\n#pentesting #infosec #bugbounty\n\n\u200b\u200brebuff\n\nRebuff is designed to protect AI applications from prompt injection (PI) attacks through a multi-layered defense.\n\nhttps://github.com/woop/rebuff\n\n#cybersecurity #infosec\n\n\u200b\u200bDetection-Validation\n\nThe tool automates the process of simulating malicious process events without need to go through setup of real processes.\n\nhttps://github.com/alwashali/Detection-Validation\n\n#cybersecurity #infosec #malware\n\n\u200b\u200bMinefield\n\nThis is the PoC implementation for the USENIX 2022 paper Minefield: A Software-only Protection for SGX Enclaves against DVFS Attacks\n\nhttps://github.com/iaik/minefield\n\n#cybersecurity #infosec\n\n\u200b\u200bAfuzz \n\nAutomated web path fuzzing tool for the Bug Bounty projects.\n\nhttps://github.com/RapidDNS/Afuzz\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bdumpulator\n\nAn easy-to-use library for emulating memory dumps. Useful for malware analysis (config extraction, unpacking) and dynamic analysis in general (sandboxing).\n\nhttps://github.com/mrexodia/dumpulator\n\n#malware #cybersecurity #infosec\n\n\u200b\u200bAtomicSyscall\n\nTools and PoCs for Windows syscall investigation.\n\nhttps://github.com/daem0nc0re/AtomicSyscall\n\n#infosec #pentesting #redteam\n\n\u200b\u200bezXSS\n\nezXSS is an easy way for penetration testers and bug bounty hunters to test (blind) Cross Site Scripting.\n\nhttps://github.com/ssl/ezXSS\n\n#infosec #redteam #bugbounty\n\n\u200b\u200bhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory", "creation_timestamp": "2023-05-22T14:01:04.000000Z"} 2023-05-22T14:01:04+00:00 https://db.gcve.eu/sighting/212007bd-6553-4ecf-bd60-c5e92d20646b/export 2026-05-02T22:42:21.313992+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "212007bd-6553-4ecf-bd60-c5e92d20646b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31664", "type": "seen", "source": "Telegram/zRWIAueIFVbIiy9IpUQnxPKFP58apDCXh8eej9wEV81qbl5o", "content": "", "creation_timestamp": "2025-02-01T17:28:10.000000Z"} 2025-02-01T17:28:10+00:00