https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Tue, 26 May 2026 12:30:28 +0000 https://db.gcve.eu/sighting/49bdf8f0-edce-43d7-851a-2e38f2e68b94/export {"uuid": "49bdf8f0-edce-43d7-851a-2e38f2e68b94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2312", "type": "seen", "source": "https://t.me/cibsecurity/48475", "content": "\u203c CVE-2022-2312 \u203c\n\nThe Student Result or Employee Database WordPress plugin before 1.7.5 does not have CSRF in its AJAX actions, allowing attackers to make logged in user with a role as low as contributor to add/edit and delete students via CSRF attacks. Furthermore, due to the lack of sanitisation and escaping, it could also lead to Stored Cross-Site scripting\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-22T18:20:28.000000Z"} {"uuid": "49bdf8f0-edce-43d7-851a-2e38f2e68b94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2312", "type": "seen", "source": "https://t.me/cibsecurity/48475", "content": "\u203c CVE-2022-2312 \u203c\n\nThe Student Result or Employee Database WordPress plugin before 1.7.5 does not have CSRF in its AJAX actions, allowing attackers to make logged in user with a role as low as contributor to add/edit and delete students via CSRF attacks. Furthermore, due to the lack of sanitisation and escaping, it could also lead to Stored Cross-Site scripting\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-22T18:20:28.000000Z"} https://db.gcve.eu/sighting/49bdf8f0-edce-43d7-851a-2e38f2e68b94/export Mon, 22 Aug 2022 18:20:28 +0000 https://db.gcve.eu/sighting/e15c0b75-6eef-4369-842d-4823a82dd510/export {"uuid": "e15c0b75-6eef-4369-842d-4823a82dd510", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23124", "type": "seen", "source": "https://t.me/cibsecurity/60910", "content": "\u203c CVE-2022-23124 \u203c\n\nThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the get_finderinfo method. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-15870.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-28T22:39:46.000000Z"} {"uuid": "e15c0b75-6eef-4369-842d-4823a82dd510", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23124", "type": "seen", "source": "https://t.me/cibsecurity/60910", "content": "\u203c CVE-2022-23124 \u203c\n\nThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the get_finderinfo method. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-15870.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-28T22:39:46.000000Z"} https://db.gcve.eu/sighting/e15c0b75-6eef-4369-842d-4823a82dd510/export Tue, 28 Mar 2023 22:39:46 +0000 https://db.gcve.eu/sighting/d590385a-27c7-4b48-babe-a604d75f0d88/export {"uuid": "d590385a-27c7-4b48-babe-a604d75f0d88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23125", "type": "seen", "source": "https://t.me/cibsecurity/60912", "content": "\u203c CVE-2022-23125 \u203c\n\nThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the copyapplfile function. When parsing the len element, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15869.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-28T22:39:47.000000Z"} {"uuid": "d590385a-27c7-4b48-babe-a604d75f0d88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23125", "type": "seen", "source": "https://t.me/cibsecurity/60912", "content": "\u203c CVE-2022-23125 \u203c\n\nThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the copyapplfile function. When parsing the len element, the process does not properly validate the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15869.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-28T22:39:47.000000Z"} https://db.gcve.eu/sighting/d590385a-27c7-4b48-babe-a604d75f0d88/export Tue, 28 Mar 2023 22:39:47 +0000 https://db.gcve.eu/sighting/9e140ec3-341f-4c84-a11f-64096cc906e9/export {"uuid": "9e140ec3-341f-4c84-a11f-64096cc906e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23122", "type": "seen", "source": "https://t.me/cibsecurity/60914", "content": "\u203c CVE-2022-23122 \u203c\n\nThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the setfilparams function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15837.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-28T22:39:50.000000Z"} {"uuid": "9e140ec3-341f-4c84-a11f-64096cc906e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23122", "type": "seen", "source": "https://t.me/cibsecurity/60914", "content": "\u203c CVE-2022-23122 \u203c\n\nThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the setfilparams function. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15837.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-28T22:39:50.000000Z"} https://db.gcve.eu/sighting/9e140ec3-341f-4c84-a11f-64096cc906e9/export Tue, 28 Mar 2023 22:39:50 +0000 https://db.gcve.eu/sighting/bd4b7428-3aca-4962-ae51-fceaeea5351e/export {"uuid": "bd4b7428-3aca-4962-ae51-fceaeea5351e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23123", "type": "seen", "source": "https://t.me/cibsecurity/60915", "content": "\u203c CVE-2022-23123 \u203c\n\nThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getdirparams method. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-15830.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-28T22:39:51.000000Z"} {"uuid": "bd4b7428-3aca-4962-ae51-fceaeea5351e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23123", "type": "seen", "source": "https://t.me/cibsecurity/60915", "content": "\u203c CVE-2022-23123 \u203c\n\nThis vulnerability allows remote attackers to disclose sensitive information on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the getdirparams method. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-15830.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-28T22:39:51.000000Z"} https://db.gcve.eu/sighting/bd4b7428-3aca-4962-ae51-fceaeea5351e/export Tue, 28 Mar 2023 22:39:51 +0000 https://db.gcve.eu/sighting/1bcddf76-130c-42b1-a569-eceb59629cc8/export {"uuid": "1bcddf76-130c-42b1-a569-eceb59629cc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23121", "type": "seen", "source": "https://t.me/cibsecurity/60921", "content": "\u203c CVE-2022-23121 \u203c\n\nThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parse_entries function. The issue results from the lack of proper error handling when parsing AppleDouble entries. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15819.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-28T22:39:59.000000Z"} {"uuid": "1bcddf76-130c-42b1-a569-eceb59629cc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23121", "type": "seen", "source": "https://t.me/cibsecurity/60921", "content": "\u203c CVE-2022-23121 \u203c\n\nThis vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parse_entries function. The issue results from the lack of proper error handling when parsing AppleDouble entries. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-15819.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-28T22:39:59.000000Z"} https://db.gcve.eu/sighting/1bcddf76-130c-42b1-a569-eceb59629cc8/export Tue, 28 Mar 2023 22:39:59 +0000 https://db.gcve.eu/sighting/c0ad8b49-724f-4c2e-a19a-dceb1a50802e/export {"uuid": "c0ad8b49-724f-4c2e-a19a-dceb1a50802e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23120", "type": "seen", "source": "https://t.me/arpsyndicate/1195", "content": "#ExploitObserverAlert\n\nCVE-2022-23120\n\nDESCRIPTION: Exploit Observer has 11 entries related to CVE-2022-23120. A code injection vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to escalate privileges and run arbitrary code in the context of root. Please note: an attacker must first obtain access to the target agent in an un-activated and unconfigured state in order to exploit this vulnerability.\n\nFIRST-EPSS: 0.000480000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-04T11:47:30.000000Z"} {"uuid": "c0ad8b49-724f-4c2e-a19a-dceb1a50802e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23120", "type": "seen", "source": "https://t.me/arpsyndicate/1195", "content": "#ExploitObserverAlert\n\nCVE-2022-23120\n\nDESCRIPTION: Exploit Observer has 11 entries related to CVE-2022-23120. A code injection vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to escalate privileges and run arbitrary code in the context of root. Please note: an attacker must first obtain access to the target agent in an un-activated and unconfigured state in order to exploit this vulnerability.\n\nFIRST-EPSS: 0.000480000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-12-04T11:47:30.000000Z"} https://db.gcve.eu/sighting/c0ad8b49-724f-4c2e-a19a-dceb1a50802e/export Mon, 04 Dec 2023 11:47:30 +0000 https://db.gcve.eu/sighting/b60f5f5d-4029-484d-9c7d-d8a10709d467/export {"uuid": "b60f5f5d-4029-484d-9c7d-d8a10709d467", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23125", "type": "seen", "source": "https://mastodon.social/users/hrbrmstr/statuses/115503075342022488", "content": "", "creation_timestamp": "2025-11-06T13:51:04.965751Z"} {"uuid": "b60f5f5d-4029-484d-9c7d-d8a10709d467", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23125", "type": "seen", "source": "https://mastodon.social/users/hrbrmstr/statuses/115503075342022488", "content": "", "creation_timestamp": "2025-11-06T13:51:04.965751Z"} https://db.gcve.eu/sighting/b60f5f5d-4029-484d-9c7d-d8a10709d467/export Thu, 06 Nov 2025 13:51:04 +0000 https://db.gcve.eu/sighting/8a6a2ab0-cd33-4ad4-a7dd-08b8a5fbab07/export {"uuid": "8a6a2ab0-cd33-4ad4-a7dd-08b8a5fbab07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23125", "type": "seen", "source": "https://bsky.app/profile/hrbrmstr.mastodon.social.ap.brid.gy/post/3m4xphvkzvtb2", "content": "", "creation_timestamp": "2025-11-06T13:51:36.563267Z"} {"uuid": "8a6a2ab0-cd33-4ad4-a7dd-08b8a5fbab07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23125", "type": "seen", "source": "https://bsky.app/profile/hrbrmstr.mastodon.social.ap.brid.gy/post/3m4xphvkzvtb2", "content": "", "creation_timestamp": "2025-11-06T13:51:36.563267Z"} https://db.gcve.eu/sighting/8a6a2ab0-cd33-4ad4-a7dd-08b8a5fbab07/export Thu, 06 Nov 2025 13:51:36 +0000 https://db.gcve.eu/sighting/8059a7ef-c7c2-4251-83dd-ff46bad1d147/export {"uuid": "8059a7ef-c7c2-4251-83dd-ff46bad1d147", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23125", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m6aoztro7z2j", "content": "", "creation_timestamp": "2025-11-22T21:02:33.324714Z"} {"uuid": "8059a7ef-c7c2-4251-83dd-ff46bad1d147", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23125", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m6aoztro7z2j", "content": "", "creation_timestamp": "2025-11-22T21:02:33.324714Z"} https://db.gcve.eu/sighting/8059a7ef-c7c2-4251-83dd-ff46bad1d147/export Sat, 22 Nov 2025 21:02:33 +0000