https://db.gcve.eu/sightings/feedMost recent sightings.2026-06-05T03:12:01.729737+00:00Vulnerability-Lookupinfo@gcve.eupython-feedgenContains only the most 10 recent sightings.https://db.gcve.eu/sighting/53a5da9e-22ec-4a47-b570-9aea946f2539/export53a5da9e-22ec-4a47-b570-9aea946f25392026-06-05T03:12:01.969030+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "53a5da9e-22ec-4a47-b570-9aea946f2539", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47220", "type": "seen", "source": "https://t.me/cvedetector/6148", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47220 - WEBrick HTTP Request Smuggling\", \n \"Content\": \"CVE ID : CVE-2024-47220 \nPublished : Sept. 22, 2024, 1:15 a.m. | 37\u00a0minutes ago \nDescription : An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., \"GET /admin HTTP/1.1\\r\\n\" inside of a \"POST /user HTTP/1.1\\r\\n\" request. NOTE: the supplier's position is \"Webrick should not be used in production.\" \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"22 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-22T04:21:54.000000Z"}2024-09-22T04:21:54+00:00https://db.gcve.eu/sighting/b5e0464b-4a08-4530-9d05-edac9b476c0d/exportb5e0464b-4a08-4530-9d05-edac9b476c0d2026-06-05T03:12:01.968971+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "b5e0464b-4a08-4530-9d05-edac9b476c0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47226", "type": "seen", "source": "https://t.me/cvedetector/6150", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47226 - NetBox Stored Cross-Site Scripting Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-47226 \nPublished : Sept. 22, 2024, 2:15 a.m. | 40\u00a0minutes ago \nDescription : A stored cross-site scripting (XSS) vulnerability exists in NetBox 4.1.0 within the \"Configuration History\" feature of the \"Admin\" panel via a /core/config-revisions/ Add action. An authenticated user can inject arbitrary JavaScript or HTML into the \"Top banner\" field. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"22 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-22T05:12:02.000000Z"}2024-09-22T05:12:02+00:00https://db.gcve.eu/sighting/de4bc748-7628-4ed6-9683-7ed767f34614/exportde4bc748-7628-4ed6-9683-7ed767f346142026-06-05T03:12:01.968916+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "de4bc748-7628-4ed6-9683-7ed767f34614", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47227", "type": "seen", "source": "https://t.me/cvedetector/6173", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47227 - iRedAdmin Cross-Site Scripting (XSS) Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-47227 \nPublished : Sept. 23, 2024, 4:15 a.m. | 43\u00a0minutes ago \nDescription : iRedAdmin before 2.6 allows XSS, e.g., via order_name. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"23 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-23T07:07:03.000000Z"}2024-09-23T07:07:03+00:00https://db.gcve.eu/sighting/13283226-f0c9-4f9f-a94f-7271c31e5dc9/export13283226-f0c9-4f9f-a94f-7271c31e5dc92026-06-05T03:12:01.968860+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "13283226-f0c9-4f9f-a94f-7271c31e5dc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47222", "type": "seen", "source": "https://t.me/cvedetector/6210", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47222 - MyOffice Collaborative Editing Server SSRF Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-47222 \nPublished : Sept. 23, 2024, 8:15 p.m. | 39\u00a0minutes ago \nDescription : New Cloud MyOffice SDK Collaborative Editing Server 2.2.2 through 2.8 allows SSRF via manipulation of requests from external document storage via the MS-WOPI protocol. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"23 Sep 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-23T23:00:41.000000Z"}2024-09-23T23:00:41+00:00https://db.gcve.eu/sighting/a4c46be7-904a-474d-8711-6d41be4c9899/exporta4c46be7-904a-474d-8711-6d41be4c98992026-06-05T03:12:01.968799+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "a4c46be7-904a-474d-8711-6d41be4c9899", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47224", "type": "seen", "source": "https://t.me/cvedetector/8575", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-47224 - Mitel MiCollab AWV Conferencing CRLF Injection Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-47224 \nPublished : Oct. 21, 2024, 9:15 p.m. | 39\u00a0minutes ago \nDescription : A vulnerability in the AWV (Audio, Web and Video Conferencing) component of Mitel MiCollab through 9.8 SP1 FP2 (9.8.1.201) could allow an unauthenticated attacker to conduct a CRLF injection attack due to inadequate encoding of user input in URLs. A successful exploit could allow an attacker to perform a phishing attack. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"21 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-22T00:24:19.000000Z"}2024-10-22T00:24:19+00:00https://db.gcve.eu/sighting/70e1c954-3dd5-4233-b10a-b7694e003c70/export70e1c954-3dd5-4233-b10a-b7694e003c702026-06-05T03:12:01.968739+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "70e1c954-3dd5-4233-b10a-b7694e003c70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47220", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1015", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-47220\n\ud83d\udd39 Description: An issue was discovered in the WEBrick toolkit through 1.8.1 for Ruby. It allows HTTP request smuggling by providing both a Content-Length header and a Transfer-Encoding header, e.g., \"GET /admin HTTP/1.1\\r\\n\" inside of a \"POST /user HTTP/1.1\\r\\n\" request. NOTE: the supplier's position is \"Webrick should not be used in production.\"\n\ud83d\udccf Published: 2024-09-22T00:00:00\n\ud83d\udccf Modified: 2025-01-09T17:33:17.696Z\n\ud83d\udd17 References:\n1. https://github.com/ruby/webrick/issues/145\n2. https://github.com/ruby/webrick/pull/146/commits/d88321da45dcd230ac2b4585cad4833d6d5e8841\n3. https://github.com/ruby/webrick/issues/145#issuecomment-2369994610\n4. https://github.com/ruby/webrick/issues/145#issuecomment-2372838285", "creation_timestamp": "2025-01-09T18:21:15.000000Z"}2025-01-09T18:21:15+00:00https://db.gcve.eu/sighting/a1da915d-c030-4321-aaa7-b902f391494f/exporta1da915d-c030-4321-aaa7-b902f391494f2026-06-05T03:12:01.968684+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "a1da915d-c030-4321-aaa7-b902f391494f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-4722", "type": "seen", "source": "Telegram/Ot0jOcOtHY2ebdwSyudH5HvJrDFau5a8JyKDJF4-qlJC-M-k", "content": "", "creation_timestamp": "2025-02-20T23:26:57.000000Z"}2025-02-20T23:26:57+00:00https://db.gcve.eu/sighting/9db17099-3aa9-499e-bd1e-c04d906b96b5/export9db17099-3aa9-499e-bd1e-c04d906b96b52026-06-05T03:12:01.968624+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "9db17099-3aa9-499e-bd1e-c04d906b96b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47222", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7989", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-47222\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: New Cloud MyOffice SDK Collaborative Editing Server 2.2.2 through 2.8 allows SSRF via manipulation of requests from external document storage via the MS-WOPI protocol.\n\ud83d\udccf Published: 2024-09-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-18T20:42:56.224Z\n\ud83d\udd17 References:\n1. https://myoffice.ru/\n2. https://support.myoffice.ru/products/myoffice-sdk/", "creation_timestamp": "2025-03-18T20:48:07.000000Z"}2025-03-18T20:48:07+00:00https://db.gcve.eu/sighting/a7b7a50f-64bd-4f42-8936-a983e6d46e66/exporta7b7a50f-64bd-4f42-8936-a983e6d46e662026-06-05T03:12:01.968545+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "a7b7a50f-64bd-4f42-8936-a983e6d46e66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47221", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8090", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-47221\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: CheckUser in ScadaServerEngine/MainLogic.cs in Rapid SCADA through 5.8.4 allows an empty password.\n\ud83d\udccf Published: 2024-09-22T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-19T15:49:57.660Z\n\ud83d\udd17 References:\n1. https://github.com/RapidScada/scada/commit/b14cbdfa6cf3a205e57f2383c915365adc3859a7", "creation_timestamp": "2025-03-19T16:18:15.000000Z"}2025-03-19T16:18:15+00:00https://db.gcve.eu/sighting/5e73cfba-be7c-46e5-bf34-672b31486b52/export5e73cfba-be7c-46e5-bf34-672b31486b522026-06-05T03:12:01.966234+00:00cedrichttps://db.gcve.eu/user/cedric{"uuid": "5e73cfba-be7c-46e5-bf34-672b31486b52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-47227", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8668", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-47227\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: iRedAdmin before 2.6 allows XSS, e.g., via order_name.\n\ud83d\udccf Published: 2024-09-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-25T14:11:38.770Z\n\ud83d\udd17 References:\n1. https://github.com/iredmail/iRedAdmin/commit/b537e71ecf522d7f10180f5f0aab4a98a881893a\n2. https://www.iredmail.org\n3. https://github.com/iredmail/iRedAdmin/commit/3c72b438d412ea3ee0270f6956e19b1098c19191\n4. https://github.com/iredmail/iRedAdmin/compare/2.5...2.6\n5. https://docs.iredmail.org/upgrade.iredmail.1.6.8-1.7.0.html#upgrade-iredadmin-open-source-edition-to-the-latest-stable-release-26", "creation_timestamp": "2025-03-25T14:24:26.000000Z"}2025-03-25T14:24:26+00:00