https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 07 Jun 2026 01:31:26 +0000 https://db.gcve.eu/sighting/326895be-916a-4a7b-a0e4-7a811679dfea/export {"uuid": "326895be-916a-4a7b-a0e4-7a811679dfea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25504", "type": "seen", "source": "https://t.me/cibsecurity/62293", "content": "\u203c CVE-2023-25504 \u203c\n\nA malicious actor who has been authenticated and granted specific permissions in Apache Superset may use the import dataset feature in order to conduct Server-Side Request Forgery attacks and query internal resources on behalf of the server where Superset is deployed. This vulnerability exists\u00c2\u00a0in Apache Superset versions up to and including 2.0.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-17T20:41:10.000000Z"} {"uuid": "326895be-916a-4a7b-a0e4-7a811679dfea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25504", "type": "seen", "source": "https://t.me/cibsecurity/62293", "content": "\u203c CVE-2023-25504 \u203c\n\nA malicious actor who has been authenticated and granted specific permissions in Apache Superset may use the import dataset feature in order to conduct Server-Side Request Forgery attacks and query internal resources on behalf of the server where Superset is deployed. This vulnerability exists\u00c2\u00a0in Apache Superset versions up to and including 2.0.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-17T20:41:10.000000Z"} https://db.gcve.eu/sighting/326895be-916a-4a7b-a0e4-7a811679dfea/export Mon, 17 Apr 2023 20:41:10 +0000 https://db.gcve.eu/sighting/bb8cd1c8-2d78-40aa-9d5c-df162dcc3961/export {"uuid": "bb8cd1c8-2d78-40aa-9d5c-df162dcc3961", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25508", "type": "seen", "source": "https://t.me/cibsecurity/62640", "content": "\u203c CVE-2023-25508 \u203c\n\nNVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler, where an attacker with the appropriate level of authorization can upload and download arbitrary files under certain circumstances, which may lead to denial of service, escalation of privileges, information disclosure, and data tampering.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-22T07:37:19.000000Z"} {"uuid": "bb8cd1c8-2d78-40aa-9d5c-df162dcc3961", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25508", "type": "seen", "source": "https://t.me/cibsecurity/62640", "content": "\u203c CVE-2023-25508 \u203c\n\nNVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler, where an attacker with the appropriate level of authorization can upload and download arbitrary files under certain circumstances, which may lead to denial of service, escalation of privileges, information disclosure, and data tampering.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-22T07:37:19.000000Z"} https://db.gcve.eu/sighting/bb8cd1c8-2d78-40aa-9d5c-df162dcc3961/export Sat, 22 Apr 2023 07:37:19 +0000 https://db.gcve.eu/sighting/684eaba8-4027-4fdd-aca2-46d33a7648b5/export {"uuid": "684eaba8-4027-4fdd-aca2-46d33a7648b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25506", "type": "seen", "source": "https://t.me/cibsecurity/62643", "content": "\u203c CVE-2023-25506 \u203c\n\nNVIDIA DGX-1 contains a vulnerability in Ofbd in AMI SBIOS, where a preconditioned heap can allow a user with elevated privileges to cause an access beyond the end of a buffer, which may lead to code execution, escalation of privileges, denial of service and information disclosure. The scope of the impact of this vulnerability can extend to other components.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-22T07:37:23.000000Z"} {"uuid": "684eaba8-4027-4fdd-aca2-46d33a7648b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25506", "type": "seen", "source": "https://t.me/cibsecurity/62643", "content": "\u203c CVE-2023-25506 \u203c\n\nNVIDIA DGX-1 contains a vulnerability in Ofbd in AMI SBIOS, where a preconditioned heap can allow a user with elevated privileges to cause an access beyond the end of a buffer, which may lead to code execution, escalation of privileges, denial of service and information disclosure. The scope of the impact of this vulnerability can extend to other components.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-22T07:37:23.000000Z"} https://db.gcve.eu/sighting/684eaba8-4027-4fdd-aca2-46d33a7648b5/export Sat, 22 Apr 2023 07:37:23 +0000 https://db.gcve.eu/sighting/cfd840d5-f156-4044-a362-0ed7432c90d8/export {"uuid": "cfd840d5-f156-4044-a362-0ed7432c90d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25507", "type": "seen", "source": "https://t.me/cibsecurity/62645", "content": "\u203c CVE-2023-25507 \u203c\n\nNVIDIA DGX-1 BMC contains a vulnerability in the SPX REST API, where an attacker with the appropriate level of authorization can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure, and data tampering.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-22T07:37:25.000000Z"} {"uuid": "cfd840d5-f156-4044-a362-0ed7432c90d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25507", "type": "seen", "source": "https://t.me/cibsecurity/62645", "content": "\u203c CVE-2023-25507 \u203c\n\nNVIDIA DGX-1 BMC contains a vulnerability in the SPX REST API, where an attacker with the appropriate level of authorization can inject arbitrary shell commands, which may lead to code execution, denial of service, information disclosure, and data tampering.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-22T07:37:25.000000Z"} https://db.gcve.eu/sighting/cfd840d5-f156-4044-a362-0ed7432c90d8/export Sat, 22 Apr 2023 07:37:25 +0000 https://db.gcve.eu/sighting/0484b468-3a7c-4c23-b0d0-6166f9b79aac/export {"uuid": "0484b468-3a7c-4c23-b0d0-6166f9b79aac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25509", "type": "seen", "source": "https://t.me/cibsecurity/62648", "content": "\u203c CVE-2023-25509 \u203c\n\nNVIDIA DGX-1 SBIOS contains a vulnerability in Bds, which may lead to code execution, denial of service, and escalation of privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-22T07:37:28.000000Z"} {"uuid": "0484b468-3a7c-4c23-b0d0-6166f9b79aac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25509", "type": "seen", "source": "https://t.me/cibsecurity/62648", "content": "\u203c CVE-2023-25509 \u203c\n\nNVIDIA DGX-1 SBIOS contains a vulnerability in Bds, which may lead to code execution, denial of service, and escalation of privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-22T07:37:28.000000Z"} https://db.gcve.eu/sighting/0484b468-3a7c-4c23-b0d0-6166f9b79aac/export Sat, 22 Apr 2023 07:37:28 +0000 https://db.gcve.eu/sighting/9a743df9-1ad5-41a9-99a7-204ddec00a49/export {"uuid": "9a743df9-1ad5-41a9-99a7-204ddec00a49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25505", "type": "seen", "source": "https://t.me/cibsecurity/62654", "content": "\u203c CVE-2023-25505 \u203c\n\nNVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler of the AMI MegaRAC BMC , where an attacker with the appropriate level of authorization can cause a buffer overflow, which may lead to denial of service, information disclosure, or arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-22T07:37:37.000000Z"} {"uuid": "9a743df9-1ad5-41a9-99a7-204ddec00a49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25505", "type": "seen", "source": "https://t.me/cibsecurity/62654", "content": "\u203c CVE-2023-25505 \u203c\n\nNVIDIA DGX-1 BMC contains a vulnerability in the IPMI handler of the AMI MegaRAC BMC , where an attacker with the appropriate level of authorization can cause a buffer overflow, which may lead to denial of service, information disclosure, or arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-22T07:37:37.000000Z"} https://db.gcve.eu/sighting/9a743df9-1ad5-41a9-99a7-204ddec00a49/export Sat, 22 Apr 2023 07:37:37 +0000 https://db.gcve.eu/sighting/e72aec36-f1f3-42ab-b5e7-648e82303e1c/export {"uuid": "e72aec36-f1f3-42ab-b5e7-648e82303e1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2550", "type": "seen", "source": "https://t.me/cibsecurity/63400", "content": "\u203c CVE-2023-2550 \u203c\n\nCross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.13.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-11T19:18:37.000000Z"} {"uuid": "e72aec36-f1f3-42ab-b5e7-648e82303e1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2550", "type": "seen", "source": "https://t.me/cibsecurity/63400", "content": "\u203c CVE-2023-2550 \u203c\n\nCross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.13.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-11T19:18:37.000000Z"} https://db.gcve.eu/sighting/e72aec36-f1f3-42ab-b5e7-648e82303e1c/export Thu, 11 May 2023 19:18:37 +0000 https://db.gcve.eu/sighting/f006a5f2-3501-4f84-b06a-5e969a768a97/export {"uuid": "f006a5f2-3501-4f84-b06a-5e969a768a97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25500", "type": "seen", "source": "https://t.me/arpsyndicate/3128", "content": "#ExploitObserverAlert\n\nCVE-2023-25500\n\nDESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2023-25500. Possible information disclosure in Vaadin 10.0.0 to 10.0.23, 11.0.0 to 14.10.1, 15.0.0 to 22.0.28, 23.0.0 to 23.3.13, 24.0.0 to 24.0.6, 24.1.0.alpha1 to 24.1.0.rc2, resulting in potential information disclosure of class and method names in RPC responses by sending modified requests.\n\nFIRST-EPSS: 0.000450000\nNVD-IS: 1.4\nNVD-ES: 2.8", "creation_timestamp": "2024-01-28T00:20:14.000000Z"} {"uuid": "f006a5f2-3501-4f84-b06a-5e969a768a97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25500", "type": "seen", "source": "https://t.me/arpsyndicate/3128", "content": "#ExploitObserverAlert\n\nCVE-2023-25500\n\nDESCRIPTION: Exploit Observer has 3 entries in 3 file formats related to CVE-2023-25500. Possible information disclosure in Vaadin 10.0.0 to 10.0.23, 11.0.0 to 14.10.1, 15.0.0 to 22.0.28, 23.0.0 to 23.3.13, 24.0.0 to 24.0.6, 24.1.0.alpha1 to 24.1.0.rc2, resulting in potential information disclosure of class and method names in RPC responses by sending modified requests.\n\nFIRST-EPSS: 0.000450000\nNVD-IS: 1.4\nNVD-ES: 2.8", "creation_timestamp": "2024-01-28T00:20:14.000000Z"} https://db.gcve.eu/sighting/f006a5f2-3501-4f84-b06a-5e969a768a97/export Sun, 28 Jan 2024 00:20:14 +0000