<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://db.gcve.eu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Fri, 17 Jul 2026 04:49:12 +0000</lastBuildDate>
    <item>
      <title>71a7da89-d91e-4d12-947a-3eae72c8bb6b</title>
      <link>https://db.gcve.eu/sighting/71a7da89-d91e-4d12-947a-3eae72c8bb6b/export</link>
      <description>{"uuid": "71a7da89-d91e-4d12-947a-3eae72c8bb6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-16778", "type": "seen", "source": "https://t.me/cibsecurity/8841", "content": "ATENTION\u203c New - CVE-2017-16778\n\nAn access control weakness in the DTMF tone receiver of Fermax Outdoor Panel allows physical attackers to inject a Dual-Tone-Multi-Frequency (DTMF) tone to invoke an access grant that would allow physical access to a restricted floor/level. By design, only a residential unit owner may allow such an access grant. However, due to incorrect access control, an attacker could inject it via the speaker unit to perform an access grant to gain unauthorized access, as demonstrated by a loud DTMF tone representing '1' and a long '#' (697 Hz and 1209 Hz, followed by 941 Hz and 1477 Hz).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-12-24T16:50:31.000000Z"}</description>
      <content:encoded>{"uuid": "71a7da89-d91e-4d12-947a-3eae72c8bb6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-16778", "type": "seen", "source": "https://t.me/cibsecurity/8841", "content": "ATENTION\u203c New - CVE-2017-16778\n\nAn access control weakness in the DTMF tone receiver of Fermax Outdoor Panel allows physical attackers to inject a Dual-Tone-Multi-Frequency (DTMF) tone to invoke an access grant that would allow physical access to a restricted floor/level. By design, only a residential unit owner may allow such an access grant. However, due to incorrect access control, an attacker could inject it via the speaker unit to perform an access grant to gain unauthorized access, as demonstrated by a loud DTMF tone representing '1' and a long '#' (697 Hz and 1209 Hz, followed by 941 Hz and 1477 Hz).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-12-24T16:50:31.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/71a7da89-d91e-4d12-947a-3eae72c8bb6b/export</guid>
      <pubDate>Tue, 24 Dec 2019 16:50:31 +0000</pubDate>
    </item>
    <item>
      <title>eae7e2fc-14f4-405c-b765-588aff288a7e</title>
      <link>https://db.gcve.eu/sighting/eae7e2fc-14f4-405c-b765-588aff288a7e/export</link>
      <description>{"uuid": "eae7e2fc-14f4-405c-b765-588aff288a7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-16774", "type": "seen", "source": "https://t.me/cibsecurity/3460", "content": "ATENTION\u203c New - CVE-2017-16774\n\nCross-site scripting (XSS) vulnerability in SYNO.Core.PersonalNotification.Event in Synology DiskStation Manager (DSM) before 6.1.4-15217-3 allows remote authenticated users to inject arbitrary web script or HTML via the package parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-04-01T18:32:07.000000Z"}</description>
      <content:encoded>{"uuid": "eae7e2fc-14f4-405c-b765-588aff288a7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-16774", "type": "seen", "source": "https://t.me/cibsecurity/3460", "content": "ATENTION\u203c New - CVE-2017-16774\n\nCross-site scripting (XSS) vulnerability in SYNO.Core.PersonalNotification.Event in Synology DiskStation Manager (DSM) before 6.1.4-15217-3 allows remote authenticated users to inject arbitrary web script or HTML via the package parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-04-01T18:32:07.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/eae7e2fc-14f4-405c-b765-588aff288a7e/export</guid>
      <pubDate>Mon, 01 Apr 2019 18:32:07 +0000</pubDate>
    </item>
    <item>
      <title>f41b07a7-7f55-40d1-b4c3-e232bbc9cc54</title>
      <link>https://db.gcve.eu/sighting/f41b07a7-7f55-40d1-b4c3-e232bbc9cc54/export</link>
      <description>{"uuid": "f41b07a7-7f55-40d1-b4c3-e232bbc9cc54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-16775", "type": "seen", "source": "https://t.me/cibsecurity/3459", "content": "ATENTION\u203c New - CVE-2017-16775\n\nImproper restriction of rendered UI layers or frames vulnerability in SSOOauth.cgi in Synology SSO Server before 2.1.3-0129 allows remote attackers to conduct clickjacking attacks via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-04-01T18:32:06.000000Z"}</description>
      <content:encoded>{"uuid": "f41b07a7-7f55-40d1-b4c3-e232bbc9cc54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-16775", "type": "seen", "source": "https://t.me/cibsecurity/3459", "content": "ATENTION\u203c New - CVE-2017-16775\n\nImproper restriction of rendered UI layers or frames vulnerability in SSOOauth.cgi in Synology SSO Server before 2.1.3-0129 allows remote attackers to conduct clickjacking attacks via unspecified vectors.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-04-01T18:32:06.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/f41b07a7-7f55-40d1-b4c3-e232bbc9cc54/export</guid>
      <pubDate>Mon, 01 Apr 2019 18:32:06 +0000</pubDate>
    </item>
    <item>
      <title>1fcf1376-812b-4d25-80f9-08e0d1807d3f</title>
      <link>https://db.gcve.eu/sighting/1fcf1376-812b-4d25-80f9-08e0d1807d3f/export</link>
      <description>{"uuid": "1fcf1376-812b-4d25-80f9-08e0d1807d3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-16777", "type": "exploited", "source": "https://www.exploit-db.com/exploits/43219", "content": "", "creation_timestamp": "2017-12-06T00:00:00.000000Z"}</description>
      <content:encoded>{"uuid": "1fcf1376-812b-4d25-80f9-08e0d1807d3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2017-16777", "type": "exploited", "source": "https://www.exploit-db.com/exploits/43219", "content": "", "creation_timestamp": "2017-12-06T00:00:00.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/1fcf1376-812b-4d25-80f9-08e0d1807d3f/export</guid>
      <pubDate>Wed, 06 Dec 2017 00:00:00 +0000</pubDate>
    </item>
  </channel>
</rss>
