https://db.gcve.eu/sightings/feedMost recent sightings.2026-06-05T04:12:17.925459+00:00Vulnerability-Lookupinfo@gcve.eupython-feedgenContains only the most 10 recent sightings.https://db.gcve.eu/sighting/d2213fa6-b906-4965-9213-1cb66e93534a/exportd2213fa6-b906-4965-9213-1cb66e93534a2026-06-05T04:12:18.244302+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "d2213fa6-b906-4965-9213-1cb66e93534a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45159", "type": "seen", "source": "https://t.me/cvedetector/4938", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-45159 - Mbed TLS Invalid Certificate Validation in TLS 1.3 Client Authentication\", \n \"Content\": \"CVE ID : CVE-2024-45159 \nPublished : Sept. 5, 2024, 7:15 p.m. | 39\u00a0minutes ago \nDescription : An issue was discovered in Mbed TLS 3.x before 3.6.1. With TLS 1.3, when a server enables optional authentication of the client, if the client-provided certificate does not have appropriate values in if keyUsage or extKeyUsage extensions, then the return value of mbedtls_ssl_get_verify_result() would incorrectly have the MBEDTLS_X509_BADCERT_KEY_USAGE and MBEDTLS_X509_BADCERT_KEY_USAGE bits clear. As a result, an attacker that had a certificate valid for uses other than TLS client authentication would nonetheless be able to use it for TLS client authentication. Only TLS 1.3 servers were affected, and only with optional authentication (with required authentication, the handshake would be aborted with a fatal alert). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"05 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-05T22:13:22.000000Z"}2024-09-05T22:13:22+00:00https://db.gcve.eu/sighting/7b1acc0a-1feb-4d57-9f55-98fc9f73df3d/export7b1acc0a-1feb-4d57-9f55-98fc9f73df3d2026-06-05T04:12:18.244244+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "7b1acc0a-1feb-4d57-9f55-98fc9f73df3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45158", "type": "seen", "source": "https://t.me/cvedetector/4939", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-45158 - Mbed TLS Stack Buffer Overflow Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-45158 \nPublished : Sept. 5, 2024, 7:15 p.m. | 39\u00a0minutes ago \nDescription : An issue was discovered in Mbed TLS 3.6 before 3.6.1. A stack buffer overflow in mbedtls_ecdsa_der_to_raw() and mbedtls_ecdsa_raw_to_der() can occur when the bits parameter is larger than the largest supported curve. In some configurations with PSA disabled, all values of bits are affected. (This never happens in internal library calls, but can affect applications that call these functions directly.) \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"05 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-05T22:13:22.000000Z"}2024-09-05T22:13:22+00:00https://db.gcve.eu/sighting/ddbbca0b-90a6-4eab-ac1d-089ab79595da/exportddbbca0b-90a6-4eab-ac1d-089ab79595da2026-06-05T04:12:18.244184+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "ddbbca0b-90a6-4eab-ac1d-089ab79595da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45157", "type": "seen", "source": "https://t.me/cvedetector/4940", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-45157 - Mbed TLS HMAC_DRBG Algorithm Misconfiguration Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-45157 \nPublished : Sept. 5, 2024, 7:15 p.m. | 39\u00a0minutes ago \nDescription : An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user-selected algorithm is not used. Unlike previously documented, enabling MBEDTLS_PSA_HMAC_DRBG_MD_TYPE does not cause the PSA subsystem to use HMAC_DRBG: it uses HMAC_DRBG only when MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG and MBEDTLS_CTR_DRBG_C are disabled. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"05 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-05T22:13:23.000000Z"}2024-09-05T22:13:23+00:00https://db.gcve.eu/sighting/e981fa86-5eec-48d0-8f5a-d2f6b25dcefc/exporte981fa86-5eec-48d0-8f5a-d2f6b25dcefc2026-06-05T04:12:18.244119+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "e981fa86-5eec-48d0-8f5a-d2f6b25dcefc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45153", "type": "seen", "source": "https://t.me/cvedetector/7217", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-45153 - Adobe Experience Manager Stored XSS Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-45153 \nPublished : Oct. 7, 2024, 1:15 p.m. | 32\u00a0minutes ago \nDescription : Adobe Experience Manager versions 6.5.20 and earlier are affected by a stored Cross-Site Scripting (XSS) vulnerability that could be abused by a low-privileged attacker to inject malicious scripts into vulnerable form fields. Malicious JavaScript may be executed in a victim\u2019s browser when they browse to the page containing the vulnerable field. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"07 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-07T15:57:41.000000Z"}2024-10-07T15:57:41+00:00https://db.gcve.eu/sighting/a60b4e9d-494f-483c-95be-acd287119e88/exporta60b4e9d-494f-483c-95be-acd287119e882026-06-05T04:12:18.244061+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "a60b4e9d-494f-483c-95be-acd287119e88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45150", "type": "seen", "source": "https://t.me/cvedetector/7444", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-45150 - Dimension File Handler Out-of-Bounds Write Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-45150 \nPublished : Oct. 9, 2024, 9:15 a.m. | 37\u00a0minutes ago \nDescription : Dimension versions 4.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"09 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-09T12:18:05.000000Z"}2024-10-09T12:18:05+00:00https://db.gcve.eu/sighting/f1fded4e-3341-4a3e-a1eb-b412739898b3/exportf1fded4e-3341-4a3e-a1eb-b412739898b32026-06-05T04:12:18.244001+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "f1fded4e-3341-4a3e-a1eb-b412739898b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45152", "type": "seen", "source": "https://t.me/cvedetector/7464", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-45152 - Substance3D Stager Out-of-Bounds Write Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-45152 \nPublished : Oct. 9, 2024, 2:15 p.m. | 38\u00a0minutes ago \nDescription : Substance3D - Stager versions 3.0.3 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"09 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-09T17:19:07.000000Z"}2024-10-09T17:19:07+00:00https://db.gcve.eu/sighting/a6cbbbe4-14f3-433c-848d-cec0d88daf7e/exporta6cbbbe4-14f3-433c-848d-cec0d88daf7e2026-06-05T04:12:18.243943+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "a6cbbbe4-14f3-433c-848d-cec0d88daf7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-4515", "type": "seen", "source": "Telegram/RgCHrCdxFrhRsdBuu-DDBzt3QA_fSAz4D0xv42ar6W8Ehz2a", "content": "", "creation_timestamp": "2025-02-19T19:13:55.000000Z"}2025-02-19T19:13:55+00:00https://db.gcve.eu/sighting/4f05aeb0-a5ca-4b03-b686-81b6cfffcb7a/export4f05aeb0-a5ca-4b03-b686-81b6cfffcb7a2026-06-05T04:12:18.243879+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "4f05aeb0-a5ca-4b03-b686-81b6cfffcb7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45157", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7595", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-45157\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in Mbed TLS before 2.28.9 and 3.x before 3.6.1, in which the user-selected algorithm is not used. Unlike previously documented, enabling MBEDTLS_PSA_HMAC_DRBG_MD_TYPE does not cause the PSA subsystem to use HMAC_DRBG: it uses HMAC_DRBG only when MBEDTLS_PSA_CRYPTO_EXTERNAL_RNG and MBEDTLS_CTR_DRBG_C are disabled.\n\ud83d\udccf Published: 2024-09-05T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-14T16:22:12.090Z\n\ud83d\udd17 References:\n1. https://mbed-tls.readthedocs.io/en/latest/security-advisories/\n2. https://github.com/Mbed-TLS/mbedtls/releases/\n3. https://mbed-tls.readthedocs.io/en/latest/security-advisories/mbedtls-security-advisory-2024-08-1/", "creation_timestamp": "2025-03-14T16:44:14.000000Z"}2025-03-14T16:44:14+00:00https://db.gcve.eu/sighting/042c9b85-a658-4df3-b872-4911fa24ae13/export042c9b85-a658-4df3-b872-4911fa24ae132026-06-05T04:12:18.243803+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "042c9b85-a658-4df3-b872-4911fa24ae13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45157", "type": "seen", "source": "MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6", "content": "", "creation_timestamp": "2025-10-01T18:11:57.000000Z"}2025-10-01T18:11:57+00:00https://db.gcve.eu/sighting/937836e8-4ed1-4661-8f71-6d4b084a3131/export937836e8-4ed1-4661-8f71-6d4b084a31312026-06-05T04:12:18.242652+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "937836e8-4ed1-4661-8f71-6d4b084a3131", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45157", "type": "seen", "source": "MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6", "content": "", "creation_timestamp": "2025-10-08T21:59:31.000000Z"}2025-10-08T21:59:31+00:00