https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Tue, 26 May 2026 02:35:56 +0000 https://db.gcve.eu/sighting/d20c4f5b-f64e-4172-9a91-7cb8ebc9f9de/export {"uuid": "d20c4f5b-f64e-4172-9a91-7cb8ebc9f9de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7407", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9348", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-7407\n\ud83d\udd25 CVSS Score: 8.2 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Use of a custom password encoding algorithm\u00a0in Streamsoft Presti\u017c software allows straightforward decoding of passwords using their encoded forms, which are stored in the application's database. One has to know the encoding algorithm, but it can be deduced by observing how password are transformed.\u00a0\nThis issue was fixed in 18.2.377 version of the software.\n\ud83d\udccf Published: 2025-03-28T12:54:13.122Z\n\ud83d\udccf Modified: 2025-03-28T12:54:13.122Z\n\ud83d\udd17 References:\n1. https://cert.pl/en/posts/2025/03/CVE-2024-7407/\n2. https://www.streamsoft.pl/streamsoft-prestiz/", "creation_timestamp": "2025-03-28T13:28:04.000000Z"} {"uuid": "d20c4f5b-f64e-4172-9a91-7cb8ebc9f9de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7407", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9348", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-7407\n\ud83d\udd25 CVSS Score: 8.2 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Use of a custom password encoding algorithm\u00a0in Streamsoft Presti\u017c software allows straightforward decoding of passwords using their encoded forms, which are stored in the application's database. One has to know the encoding algorithm, but it can be deduced by observing how password are transformed.\u00a0\nThis issue was fixed in 18.2.377 version of the software.\n\ud83d\udccf Published: 2025-03-28T12:54:13.122Z\n\ud83d\udccf Modified: 2025-03-28T12:54:13.122Z\n\ud83d\udd17 References:\n1. https://cert.pl/en/posts/2025/03/CVE-2024-7407/\n2. https://www.streamsoft.pl/streamsoft-prestiz/", "creation_timestamp": "2025-03-28T13:28:04.000000Z"} https://db.gcve.eu/sighting/d20c4f5b-f64e-4172-9a91-7cb8ebc9f9de/export Fri, 28 Mar 2025 13:28:04 +0000 https://db.gcve.eu/sighting/1704d07d-34fb-49f9-93b5-f28dbb2901aa/export {"uuid": "1704d07d-34fb-49f9-93b5-f28dbb2901aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7407", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9349", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11504\n\ud83d\udd25 CVSS Score: 8.6 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Input from multiple fields in\u00a0Streamsoft Presti\u017c is not sanitized properly, leading to an SQL injection vulnerability, which might be exploited by an authenticated remote attacker.\u00a0\nThis issue was fixed in\u00a018.1.376.37 version of the software.\n\ud83d\udccf Published: 2025-03-28T12:54:11.472Z\n\ud83d\udccf Modified: 2025-03-28T12:54:11.472Z\n\ud83d\udd17 References:\n1. https://cert.pl/en/posts/2025/03/CVE-2024-7407/\n2. https://www.streamsoft.pl/streamsoft-prestiz/", "creation_timestamp": "2025-03-28T13:28:08.000000Z"} {"uuid": "1704d07d-34fb-49f9-93b5-f28dbb2901aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7407", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9349", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11504\n\ud83d\udd25 CVSS Score: 8.6 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: Input from multiple fields in\u00a0Streamsoft Presti\u017c is not sanitized properly, leading to an SQL injection vulnerability, which might be exploited by an authenticated remote attacker.\u00a0\nThis issue was fixed in\u00a018.1.376.37 version of the software.\n\ud83d\udccf Published: 2025-03-28T12:54:11.472Z\n\ud83d\udccf Modified: 2025-03-28T12:54:11.472Z\n\ud83d\udd17 References:\n1. https://cert.pl/en/posts/2025/03/CVE-2024-7407/\n2. https://www.streamsoft.pl/streamsoft-prestiz/", "creation_timestamp": "2025-03-28T13:28:08.000000Z"} https://db.gcve.eu/sighting/1704d07d-34fb-49f9-93b5-f28dbb2901aa/export Fri, 28 Mar 2025 13:28:08 +0000 https://db.gcve.eu/sighting/8967f00e-467b-4b0f-9fe7-6f293aaeec76/export {"uuid": "8967f00e-467b-4b0f-9fe7-6f293aaeec76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7407", "type": "seen", "source": "https://t.me/cvedetector/21416", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-7407 - Streamsoft Presti\u017c Password Encoding Algorithm Weakness\", \n \"Content\": \"CVE ID : CVE-2024-7407 \nPublished : March 28, 2025, 1:15 p.m. | 1\u00a0hour, 6\u00a0minutes ago \nDescription : Use of a custom password encoding algorithm\u00a0in Streamsoft Presti\u017c software allows straightforward decoding of passwords using their encoded forms, which are stored in the application's database. One has to know the encoding algorithm, but it can be deduced by observing how password are transformed.\u00a0 \nThis issue was fixed in 18.2.377 version of the software. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"28 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-28T16:04:36.000000Z"} {"uuid": "8967f00e-467b-4b0f-9fe7-6f293aaeec76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7407", "type": "seen", "source": "https://t.me/cvedetector/21416", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-7407 - Streamsoft Presti\u017c Password Encoding Algorithm Weakness\", \n \"Content\": \"CVE ID : CVE-2024-7407 \nPublished : March 28, 2025, 1:15 p.m. | 1\u00a0hour, 6\u00a0minutes ago \nDescription : Use of a custom password encoding algorithm\u00a0in Streamsoft Presti\u017c software allows straightforward decoding of passwords using their encoded forms, which are stored in the application's database. One has to know the encoding algorithm, but it can be deduced by observing how password are transformed.\u00a0 \nThis issue was fixed in 18.2.377 version of the software. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"28 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-28T16:04:36.000000Z"} https://db.gcve.eu/sighting/8967f00e-467b-4b0f-9fe7-6f293aaeec76/export Fri, 28 Mar 2025 16:04:36 +0000