https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 04 May 2026 05:33:45 +0000 https://db.gcve.eu/sighting/ec74354e-90f8-4345-b416-ebf4934a7b94/export {"uuid": "ec74354e-90f8-4345-b416-ebf4934a7b94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35857", "type": "seen", "source": "https://t.me/cibsecurity/46220", "content": "\u203c CVE-2022-35857 \u203c\n\nkvf-admin through 2022-02-12 allows remote attackers to execute arbitrary code because deserialization is mishandled. The rememberMe parameter is encrypted with a hardcoded key from the com.kalvin.kvf.common.shiro.ShiroConfig file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-14T08:52:47.000000Z"} {"uuid": "ec74354e-90f8-4345-b416-ebf4934a7b94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35857", "type": "seen", "source": "https://t.me/cibsecurity/46220", "content": "\u203c CVE-2022-35857 \u203c\n\nkvf-admin through 2022-02-12 allows remote attackers to execute arbitrary code because deserialization is mishandled. The rememberMe parameter is encrypted with a hardcoded key from the com.kalvin.kvf.common.shiro.ShiroConfig file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-14T08:52:47.000000Z"} https://db.gcve.eu/sighting/ec74354e-90f8-4345-b416-ebf4934a7b94/export Thu, 14 Jul 2022 08:52:47 +0000 https://db.gcve.eu/sighting/fdbf41e5-688f-465a-a1ed-d436c7b7ce45/export {"uuid": "fdbf41e5-688f-465a-a1ed-d436c7b7ce45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35858", "type": "seen", "source": "https://t.me/cibsecurity/47590", "content": "\u203c CVE-2022-35858 \u203c\n\nThe TEE_PopulateTransientObject and __utee_from_attr functions in Samsung mTower 0.3.0 allow a trusted application to trigger a memory overwrite, denial of service, and information disclosure by invoking the function TEE_PopulateTransientObject with a large number in the parameter attrCount.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-05T00:19:51.000000Z"} {"uuid": "fdbf41e5-688f-465a-a1ed-d436c7b7ce45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35858", "type": "seen", "source": "https://t.me/cibsecurity/47590", "content": "\u203c CVE-2022-35858 \u203c\n\nThe TEE_PopulateTransientObject and __utee_from_attr functions in Samsung mTower 0.3.0 allow a trusted application to trigger a memory overwrite, denial of service, and information disclosure by invoking the function TEE_PopulateTransientObject with a large number in the parameter attrCount.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-05T00:19:51.000000Z"} https://db.gcve.eu/sighting/fdbf41e5-688f-465a-a1ed-d436c7b7ce45/export Fri, 05 Aug 2022 00:19:51 +0000 https://db.gcve.eu/sighting/afec8cf1-35a1-4832-aa44-23c896b7d0cf/export {"uuid": "afec8cf1-35a1-4832-aa44-23c896b7d0cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35850", "type": "seen", "source": "https://t.me/cibsecurity/61889", "content": "\u203c CVE-2022-35850 \u203c\n\nAn improper neutralization of script-related HTML tags in a web page vulnerability [CWE-80] in FortiAuthenticator versions 6.4.0 through 6.4.4, 6.3.0 through 6.3.3, all versions of 6.2 and 6.1 may allow a remote unauthenticated attacker to trigger a reflected cross site scripting (XSS) attack via the \"reset-password\" page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-11T20:23:30.000000Z"} {"uuid": "afec8cf1-35a1-4832-aa44-23c896b7d0cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-35850", "type": "seen", "source": "https://t.me/cibsecurity/61889", "content": "\u203c CVE-2022-35850 \u203c\n\nAn improper neutralization of script-related HTML tags in a web page vulnerability [CWE-80] in FortiAuthenticator versions 6.4.0 through 6.4.4, 6.3.0 through 6.3.3, all versions of 6.2 and 6.1 may allow a remote unauthenticated attacker to trigger a reflected cross site scripting (XSS) attack via the \"reset-password\" page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-11T20:23:30.000000Z"} https://db.gcve.eu/sighting/afec8cf1-35a1-4832-aa44-23c896b7d0cf/export Tue, 11 Apr 2023 20:23:30 +0000