Most recent sightings.

Most recent sightings. https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 28 May 2026 12:08:14 +0000 f1ef5762-07a8-4c76-b265-cb945824644b https://db.gcve.eu/sighting/f1ef5762-07a8-4c76-b265-cb945824644b/export {"uuid": "f1ef5762-07a8-4c76-b265-cb945824644b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-3834", "type": "seen", "source": "https://t.me/cibsecurity/67118", "content": "\u203c CVE-2023-3834 \u203c\n\nA vulnerability was found in Bug Finder EX-RATE 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /user/ticket/create of the component Ticket Handler. The manipulation of the argument message leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-235160. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-22T20:24:34.000000Z"} {"uuid": "f1ef5762-07a8-4c76-b265-cb945824644b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-3834", "type": "seen", "source": "https://t.me/cibsecurity/67118", "content": "\u203c CVE-2023-3834 \u203c\n\nA vulnerability was found in Bug Finder EX-RATE 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /user/ticket/create of the component Ticket Handler. The manipulation of the argument message leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-235160. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-22T20:24:34.000000Z"} https://db.gcve.eu/sighting/f1ef5762-07a8-4c76-b265-cb945824644b/export Sat, 22 Jul 2023 20:24:34 +0000 925aaa85-c8cc-46f0-9079-f965df8ad8ad https://db.gcve.eu/sighting/925aaa85-c8cc-46f0-9079-f965df8ad8ad/export {"uuid": "925aaa85-c8cc-46f0-9079-f965df8ad8ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38348", "type": "seen", "source": "https://t.me/cibsecurity/68141", "content": "\u203c CVE-2023-38348 \u203c\n\nA CSRF issue was discovered in LWsystems Benno MailArchiv 2.10.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-10T00:15:10.000000Z"} {"uuid": "925aaa85-c8cc-46f0-9079-f965df8ad8ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38348", "type": "seen", "source": "https://t.me/cibsecurity/68141", "content": "\u203c CVE-2023-38348 \u203c\n\nA CSRF issue was discovered in LWsystems Benno MailArchiv 2.10.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-10T00:15:10.000000Z"} https://db.gcve.eu/sighting/925aaa85-c8cc-46f0-9079-f965df8ad8ad/export Thu, 10 Aug 2023 00:15:10 +0000 33393038-f4b3-4de1-afad-65a93f0ca41d https://db.gcve.eu/sighting/33393038-f4b3-4de1-afad-65a93f0ca41d/export {"uuid": "33393038-f4b3-4de1-afad-65a93f0ca41d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38347", "type": "seen", "source": "https://t.me/cibsecurity/68144", "content": "\u203c CVE-2023-38347 \u203c\n\nAn issue was discovered in LWsystems Benno MailArchiv 2.10.1. Attackers can cause XSS via JavaScript content to a mailbox.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-10T00:15:16.000000Z"} {"uuid": "33393038-f4b3-4de1-afad-65a93f0ca41d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38347", "type": "seen", "source": "https://t.me/cibsecurity/68144", "content": "\u203c CVE-2023-38347 \u203c\n\nAn issue was discovered in LWsystems Benno MailArchiv 2.10.1. Attackers can cause XSS via JavaScript content to a mailbox.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-10T00:15:16.000000Z"} https://db.gcve.eu/sighting/33393038-f4b3-4de1-afad-65a93f0ca41d/export Thu, 10 Aug 2023 00:15:16 +0000 e98ca5dc-048b-462d-9b62-3addb971e9a8 https://db.gcve.eu/sighting/e98ca5dc-048b-462d-9b62-3addb971e9a8/export {"uuid": "e98ca5dc-048b-462d-9b62-3addb971e9a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38343", "type": "seen", "source": "https://t.me/cibsecurity/70927", "content": "\u203c CVE-2023-38343 \u203c\n\nAn XXE (XML external entity injection) vulnerability exists in the CSEP component of Ivanti Endpoint Manager before 2022 SU4. External entity references are enabled in the XML parser configuration. Exploitation of this vulnerability can lead to file disclosure or Server Side Request Forgery.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-22T00:36:10.000000Z"} {"uuid": "e98ca5dc-048b-462d-9b62-3addb971e9a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38343", "type": "seen", "source": "https://t.me/cibsecurity/70927", "content": "\u203c CVE-2023-38343 \u203c\n\nAn XXE (XML external entity injection) vulnerability exists in the CSEP component of Ivanti Endpoint Manager before 2022 SU4. External entity references are enabled in the XML parser configuration. Exploitation of this vulnerability can lead to file disclosure or Server Side Request Forgery.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-22T00:36:10.000000Z"} https://db.gcve.eu/sighting/e98ca5dc-048b-462d-9b62-3addb971e9a8/export Fri, 22 Sep 2023 00:36:10 +0000 4a7db164-10ce-48d3-9562-204b1fd28f83 https://db.gcve.eu/sighting/4a7db164-10ce-48d3-9562-204b1fd28f83/export {"uuid": "4a7db164-10ce-48d3-9562-204b1fd28f83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38344", "type": "seen", "source": "https://t.me/cibsecurity/70929", "content": "\u203c CVE-2023-38344 \u203c\n\nAn issue was discovered in Ivanti Endpoint Manager before 2022 SU4. A file disclosure vulnerability exists in the GetFileContents SOAP action exposed via /landesk/managementsuite/core/core.secure/OsdScript.asmx. The application does not sufficiently restrict user-supplied paths, allowing for an authenticated attacker to read arbitrary files from a remote system, including the private key used to authenticate to agents for remote access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-22T04:38:19.000000Z"} {"uuid": "4a7db164-10ce-48d3-9562-204b1fd28f83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38344", "type": "seen", "source": "https://t.me/cibsecurity/70929", "content": "\u203c CVE-2023-38344 \u203c\n\nAn issue was discovered in Ivanti Endpoint Manager before 2022 SU4. A file disclosure vulnerability exists in the GetFileContents SOAP action exposed via /landesk/managementsuite/core/core.secure/OsdScript.asmx. The application does not sufficiently restrict user-supplied paths, allowing for an authenticated attacker to read arbitrary files from a remote system, including the private key used to authenticate to agents for remote access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-22T04:38:19.000000Z"} https://db.gcve.eu/sighting/4a7db164-10ce-48d3-9562-204b1fd28f83/export Fri, 22 Sep 2023 04:38:19 +0000 af961fe7-a0a4-41de-b4a1-1e44a06c1e85 https://db.gcve.eu/sighting/af961fe7-a0a4-41de-b4a1-1e44a06c1e85/export {"uuid": "af961fe7-a0a4-41de-b4a1-1e44a06c1e85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38346", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9089", "content": "#exploit\n1. CVE-2023-38346:\nWind River VxWorks tarExtract directory traversal vulnerability\nhttps://www.pentagrid.ch/en/blog/wind-river-vxworks-tarextract-directory-traversal-vulnerability\n\n2. CVE-2023-29360:\nExploit targeting MSKSSRV.SYS driver\nhttps://github.com/Nero22k/cve-2023-29360", "creation_timestamp": "2023-09-26T11:00:46.000000Z"} {"uuid": "af961fe7-a0a4-41de-b4a1-1e44a06c1e85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38346", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9089", "content": "#exploit\n1. CVE-2023-38346:\nWind River VxWorks tarExtract directory traversal vulnerability\nhttps://www.pentagrid.ch/en/blog/wind-river-vxworks-tarextract-directory-traversal-vulnerability\n\n2. CVE-2023-29360:\nExploit targeting MSKSSRV.SYS driver\nhttps://github.com/Nero22k/cve-2023-29360", "creation_timestamp": "2023-09-26T11:00:46.000000Z"} https://db.gcve.eu/sighting/af961fe7-a0a4-41de-b4a1-1e44a06c1e85/export Tue, 26 Sep 2023 11:00:46 +0000 b1133f31-5772-4df9-b8af-ca3cb971248d https://db.gcve.eu/sighting/b1133f31-5772-4df9-b8af-ca3cb971248d/export {"uuid": "b1133f31-5772-4df9-b8af-ca3cb971248d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-3834", "type": "seen", "source": "https://t.me/arpsyndicate/2371", "content": "#ExploitObserverAlert\n\nCVE-2023-3834\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-3834. A vulnerability was found in Bug Finder EX-RATE 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /user/ticket/create of the component Ticket Handler. The manipulation of the argument message leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-235160. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n\nFIRST-EPSS: 0.000460000\nNVD-IS: 2.7\nNVD-ES: 2.8", "creation_timestamp": "2024-01-03T22:36:15.000000Z"} {"uuid": "b1133f31-5772-4df9-b8af-ca3cb971248d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-3834", "type": "seen", "source": "https://t.me/arpsyndicate/2371", "content": "#ExploitObserverAlert\n\nCVE-2023-3834\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-3834. A vulnerability was found in Bug Finder EX-RATE 1.0. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /user/ticket/create of the component Ticket Handler. The manipulation of the argument message leads to cross site scripting. The attack may be launched remotely. The identifier of this vulnerability is VDB-235160. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n\nFIRST-EPSS: 0.000460000\nNVD-IS: 2.7\nNVD-ES: 2.8", "creation_timestamp": "2024-01-03T22:36:15.000000Z"} https://db.gcve.eu/sighting/b1133f31-5772-4df9-b8af-ca3cb971248d/export Wed, 03 Jan 2024 22:36:15 +0000 afa4e7b4-ab4f-4a26-8680-2a8bb753a8ec https://db.gcve.eu/sighting/afa4e7b4-ab4f-4a26-8680-2a8bb753a8ec/export {"uuid": "afa4e7b4-ab4f-4a26-8680-2a8bb753a8ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38346", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1123", "content": "#exploit\n1. CVE-2023-38346:\nWind River VxWorks tarExtract directory traversal vulnerability\nhttps://www.pentagrid.ch/en/blog/wind-river-vxworks-tarextract-directory-traversal-vulnerability\n\n2. CVE-2023-29360:\nExploit targeting MSKSSRV.SYS driver\nhttps://github.com/Nero22k/cve-2023-29360", "creation_timestamp": "2024-08-16T08:28:27.000000Z"} {"uuid": "afa4e7b4-ab4f-4a26-8680-2a8bb753a8ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-38346", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1123", "content": "#exploit\n1. CVE-2023-38346:\nWind River VxWorks tarExtract directory traversal vulnerability\nhttps://www.pentagrid.ch/en/blog/wind-river-vxworks-tarextract-directory-traversal-vulnerability\n\n2. CVE-2023-29360:\nExploit targeting MSKSSRV.SYS driver\nhttps://github.com/Nero22k/cve-2023-29360", "creation_timestamp": "2024-08-16T08:28:27.000000Z"} https://db.gcve.eu/sighting/afa4e7b4-ab4f-4a26-8680-2a8bb753a8ec/export Fri, 16 Aug 2024 08:28:27 +0000