https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 28 May 2026 12:08:12 +0000 https://db.gcve.eu/sighting/18739b74-e652-4b68-9144-d8e912a2bc58/export {"uuid": "18739b74-e652-4b68-9144-d8e912a2bc58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37941", "type": "seen", "source": "https://t.me/thehackernews/3838", "content": "Apache SuperSet users, beware! \n \nA critical update has been released to patch two new vulnerabilities (CVE-2023-39265 & CVE-2023-37941) that could expose your servers to remote code execution attacks. \n \nFind out here: https://thehackernews.com/2023/09/alert-apache-superset-vulnerabilities.html", "creation_timestamp": "2023-09-07T13:31:34.000000Z"} {"uuid": "18739b74-e652-4b68-9144-d8e912a2bc58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37941", "type": "seen", "source": "https://t.me/thehackernews/3838", "content": "Apache SuperSet users, beware! \n \nA critical update has been released to patch two new vulnerabilities (CVE-2023-39265 & CVE-2023-37941) that could expose your servers to remote code execution attacks. \n \nFind out here: https://thehackernews.com/2023/09/alert-apache-superset-vulnerabilities.html", "creation_timestamp": "2023-09-07T13:31:34.000000Z"} https://db.gcve.eu/sighting/18739b74-e652-4b68-9144-d8e912a2bc58/export Thu, 07 Sep 2023 13:31:34 +0000 https://db.gcve.eu/sighting/1dc149b6-d03f-416e-b00b-ee97c5dc6cd0/export {"uuid": "1dc149b6-d03f-416e-b00b-ee97c5dc6cd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37941", "type": "published-proof-of-concept", "source": "Telegram/hqzcq-N-UmfLuy_GrV60Wdv72OSiDR6dOzg10bG3ca7Czg", "content": "", "creation_timestamp": "2023-09-07T13:42:21.000000Z"} {"uuid": "1dc149b6-d03f-416e-b00b-ee97c5dc6cd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37941", "type": "published-proof-of-concept", "source": "Telegram/hqzcq-N-UmfLuy_GrV60Wdv72OSiDR6dOzg10bG3ca7Czg", "content": "", "creation_timestamp": "2023-09-07T13:42:21.000000Z"} https://db.gcve.eu/sighting/1dc149b6-d03f-416e-b00b-ee97c5dc6cd0/export Thu, 07 Sep 2023 13:42:21 +0000 https://db.gcve.eu/sighting/c169fe3b-a5ae-4b3c-be7a-cdbfcfc4da41/export {"uuid": "c169fe3b-a5ae-4b3c-be7a-cdbfcfc4da41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37941", "type": "seen", "source": "https://t.me/KomunitiSiber/755", "content": "Alert: Apache SuperSet Vulnerabilities Expose Servers to Remote Code Execution Attacks\nhttps://thehackernews.com/2023/09/alert-apache-superset-vulnerabilities.html\n\nPatches have been released to address two new security vulnerabilities in Apache SuperSet that could be exploited by an attacker to gain remote code execution on affected systems.\nThe update (version 2.1.1) plugs\u00a0CVE-2023-39265\u00a0and\u00a0CVE-2023-37941, which make it possible to conduct nefarious actions once a bad actor is able to gain control of Superset\u2019s metadata database.\nOutside of these", "creation_timestamp": "2023-09-07T13:47:33.000000Z"} {"uuid": "c169fe3b-a5ae-4b3c-be7a-cdbfcfc4da41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37941", "type": "seen", "source": "https://t.me/KomunitiSiber/755", "content": "Alert: Apache SuperSet Vulnerabilities Expose Servers to Remote Code Execution Attacks\nhttps://thehackernews.com/2023/09/alert-apache-superset-vulnerabilities.html\n\nPatches have been released to address two new security vulnerabilities in Apache SuperSet that could be exploited by an attacker to gain remote code execution on affected systems.\nThe update (version 2.1.1) plugs\u00a0CVE-2023-39265\u00a0and\u00a0CVE-2023-37941, which make it possible to conduct nefarious actions once a bad actor is able to gain control of Superset\u2019s metadata database.\nOutside of these", "creation_timestamp": "2023-09-07T13:47:33.000000Z"} https://db.gcve.eu/sighting/c169fe3b-a5ae-4b3c-be7a-cdbfcfc4da41/export Thu, 07 Sep 2023 13:47:33 +0000 https://db.gcve.eu/sighting/2c2e98e2-46de-442a-980d-fdf812208549/export {"uuid": "2c2e98e2-46de-442a-980d-fdf812208549", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37941", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/apache_superset_cookie_sig_rce.rb", "content": "", "creation_timestamp": "2023-10-12T21:34:40.000000Z"} {"uuid": "2c2e98e2-46de-442a-980d-fdf812208549", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37941", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/apache_superset_cookie_sig_rce.rb", "content": "", "creation_timestamp": "2023-10-12T21:34:40.000000Z"} https://db.gcve.eu/sighting/2c2e98e2-46de-442a-980d-fdf812208549/export Thu, 12 Oct 2023 21:34:40 +0000 https://db.gcve.eu/sighting/a4aea791-1dd3-4641-9107-2ca0ed2757e9/export {"uuid": "a4aea791-1dd3-4641-9107-2ca0ed2757e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37940", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113670300799021960", "content": "", "creation_timestamp": "2024-12-17T21:32:23.055509Z"} {"uuid": "a4aea791-1dd3-4641-9107-2ca0ed2757e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37940", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113670300799021960", "content": "", "creation_timestamp": "2024-12-17T21:32:23.055509Z"} https://db.gcve.eu/sighting/a4aea791-1dd3-4641-9107-2ca0ed2757e9/export Tue, 17 Dec 2024 21:32:23 +0000 https://db.gcve.eu/sighting/be2af9bd-843e-4a0b-a42e-92faede07ce1/export {"uuid": "be2af9bd-843e-4a0b-a42e-92faede07ce1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37940", "type": "seen", "source": "https://t.me/cvedetector/13141", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-37940 - Liferay Portal Liferay DXP Cross-Site Scripting (XSS)\", \n \"Content\": \"CVE ID : CVE-2023-37940 \nPublished : Dec. 17, 2024, 10:15 p.m. | 43\u00a0minutes ago \nDescription : Cross-site scripting (XSS) vulnerability in the edit Service Access Policy page in Liferay Portal 7.0.0 through 7.4.3.87, and Liferay DXP 7.4 GA through update 87, 7.3 GA through update 29, and older unsupported versions allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a service access policy's `Service Class` text field. \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-18T00:18:46.000000Z"} {"uuid": "be2af9bd-843e-4a0b-a42e-92faede07ce1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37940", "type": "seen", "source": "https://t.me/cvedetector/13141", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-37940 - Liferay Portal Liferay DXP Cross-Site Scripting (XSS)\", \n \"Content\": \"CVE ID : CVE-2023-37940 \nPublished : Dec. 17, 2024, 10:15 p.m. | 43\u00a0minutes ago \nDescription : Cross-site scripting (XSS) vulnerability in the edit Service Access Policy page in Liferay Portal 7.0.0 through 7.4.3.87, and Liferay DXP 7.4 GA through update 87, 7.3 GA through update 29, and older unsupported versions allows remote attackers to inject arbitrary web script or HTML via a crafted payload injected into a service access policy's `Service Class` text field. \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"17 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-18T00:18:46.000000Z"} https://db.gcve.eu/sighting/be2af9bd-843e-4a0b-a42e-92faede07ce1/export Wed, 18 Dec 2024 00:18:46 +0000 https://db.gcve.eu/sighting/c9497245-de45-4ea8-afa5-c89988bdffe8/export {"uuid": "c9497245-de45-4ea8-afa5-c89988bdffe8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37941", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"} {"uuid": "c9497245-de45-4ea8-afa5-c89988bdffe8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37941", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"} https://db.gcve.eu/sighting/c9497245-de45-4ea8-afa5-c89988bdffe8/export Thu, 06 Feb 2025 03:13:46 +0000 https://db.gcve.eu/sighting/5ae84d6f-5b18-4224-833e-ef0578d8b46c/export {"uuid": "5ae84d6f-5b18-4224-833e-ef0578d8b46c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37941", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:55.000000Z"} {"uuid": "5ae84d6f-5b18-4224-833e-ef0578d8b46c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37941", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:55.000000Z"} https://db.gcve.eu/sighting/5ae84d6f-5b18-4224-833e-ef0578d8b46c/export Sun, 23 Feb 2025 04:10:55 +0000 https://db.gcve.eu/sighting/7beff782-361e-4ef3-9210-bd2f1ced140f/export {"uuid": "7beff782-361e-4ef3-9210-bd2f1ced140f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37941", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwkbd7jwdi2v", "content": "", "creation_timestamp": "2025-08-16T21:02:22.128502Z"} {"uuid": "7beff782-361e-4ef3-9210-bd2f1ced140f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37941", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwkbd7jwdi2v", "content": "", "creation_timestamp": "2025-08-16T21:02:22.128502Z"} https://db.gcve.eu/sighting/7beff782-361e-4ef3-9210-bd2f1ced140f/export Sat, 16 Aug 2025 21:02:22 +0000 https://db.gcve.eu/sighting/fd089b48-39c9-4c68-ab65-a8d6451b8cad/export {"uuid": "fd089b48-39c9-4c68-ab65-a8d6451b8cad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37941", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"} {"uuid": "fd089b48-39c9-4c68-ab65-a8d6451b8cad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-37941", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"} https://db.gcve.eu/sighting/fd089b48-39c9-4c68-ab65-a8d6451b8cad/export Thu, 23 Oct 2025 21:13:01 +0000