https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 03 May 2026 11:58:29 +0000 https://db.gcve.eu/sighting/6455d3e8-261b-4888-8704-d09ceb3ce24a/export {"uuid": "6455d3e8-261b-4888-8704-d09ceb3ce24a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46881", "type": "seen", "source": "https://t.me/cibsecurity/55167", "content": "\u203c CVE-2022-46881 \u203c\n\nAn optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 106, Firefox ESR < 102.6, and Thunderbird < 102.6.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-22T22:27:00.000000Z"} {"uuid": "6455d3e8-261b-4888-8704-d09ceb3ce24a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46881", "type": "seen", "source": "https://t.me/cibsecurity/55167", "content": "\u203c CVE-2022-46881 \u203c\n\nAn optimization in WebGL was incorrect in some cases, and could have led to memory corruption and a potentially exploitable crash. This vulnerability affects Firefox < 106, Firefox ESR < 102.6, and Thunderbird < 102.6.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-22T22:27:00.000000Z"} https://db.gcve.eu/sighting/6455d3e8-261b-4888-8704-d09ceb3ce24a/export Thu, 22 Dec 2022 22:27:00 +0000 https://db.gcve.eu/sighting/69d3652e-d222-47a1-b97a-30d25811ddb6/export {"uuid": "69d3652e-d222-47a1-b97a-30d25811ddb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46883", "type": "seen", "source": "https://t.me/cibsecurity/55174", "content": "\u203c CVE-2022-46883 \u203c\n\nMozilla developers Gabriele Svelto, Yulia Startsev, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 106. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.*Note*: This advisory was added on December 13th, 2022 after discovering it was inadvertently left out of the original advisory. The fix was included in the original release of Firefox 107. This vulnerability affects Firefox < 107.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-22T22:27:11.000000Z"} {"uuid": "69d3652e-d222-47a1-b97a-30d25811ddb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46883", "type": "seen", "source": "https://t.me/cibsecurity/55174", "content": "\u203c CVE-2022-46883 \u203c\n\nMozilla developers Gabriele Svelto, Yulia Startsev, Andrew McCreight and the Mozilla Fuzzing Team reported memory safety bugs present in Firefox 106. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code.*Note*: This advisory was added on December 13th, 2022 after discovering it was inadvertently left out of the original advisory. The fix was included in the original release of Firefox 107. This vulnerability affects Firefox < 107.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-22T22:27:11.000000Z"} https://db.gcve.eu/sighting/69d3652e-d222-47a1-b97a-30d25811ddb6/export Thu, 22 Dec 2022 22:27:11 +0000 https://db.gcve.eu/sighting/667016e1-1c17-49eb-a04d-285c2f2b46bc/export {"uuid": "667016e1-1c17-49eb-a04d-285c2f2b46bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46882", "type": "seen", "source": "https://t.me/cibsecurity/55180", "content": "\u203c CVE-2022-46882 \u203c\n\nA use-after-free in WebGL extensions could have led to a potentially exploitable crash. This vulnerability affects Firefox < 107, Firefox ESR < 102.6, and Thunderbird < 102.6.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-22T22:27:18.000000Z"} {"uuid": "667016e1-1c17-49eb-a04d-285c2f2b46bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46882", "type": "seen", "source": "https://t.me/cibsecurity/55180", "content": "\u203c CVE-2022-46882 \u203c\n\nA use-after-free in WebGL extensions could have led to a potentially exploitable crash. This vulnerability affects Firefox < 107, Firefox ESR < 102.6, and Thunderbird < 102.6.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-22T22:27:18.000000Z"} https://db.gcve.eu/sighting/667016e1-1c17-49eb-a04d-285c2f2b46bc/export Thu, 22 Dec 2022 22:27:18 +0000 https://db.gcve.eu/sighting/1f64a758-bf94-445c-8dad-092e16893553/export {"uuid": "1f64a758-bf94-445c-8dad-092e16893553", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4688", "type": "seen", "source": "https://t.me/cibsecurity/55238", "content": "\u203c CVE-2022-4688 \u203c\n\nImproper Authorization in GitHub repository usememos/memos prior to 0.9.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-23T14:14:33.000000Z"} {"uuid": "1f64a758-bf94-445c-8dad-092e16893553", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4688", "type": "seen", "source": "https://t.me/cibsecurity/55238", "content": "\u203c CVE-2022-4688 \u203c\n\nImproper Authorization in GitHub repository usememos/memos prior to 0.9.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-23T14:14:33.000000Z"} https://db.gcve.eu/sighting/1f64a758-bf94-445c-8dad-092e16893553/export Fri, 23 Dec 2022 14:14:33 +0000 https://db.gcve.eu/sighting/d5bd5fbd-8938-4f91-b314-be4fd5a2c1dc/export {"uuid": "d5bd5fbd-8938-4f91-b314-be4fd5a2c1dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46886", "type": "seen", "source": "https://t.me/cibsecurity/62199", "content": "\u203c CVE-2022-46886 \u203c\n\nThere exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-15T00:26:25.000000Z"} {"uuid": "d5bd5fbd-8938-4f91-b314-be4fd5a2c1dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46886", "type": "seen", "source": "https://t.me/cibsecurity/62199", "content": "\u203c CVE-2022-46886 \u203c\n\nThere exists an open redirect within the response list update functionality of ServiceNow. This allows attackers to redirect users to arbitrary domains when clicking on a URL within a service-now domain.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-15T00:26:25.000000Z"} https://db.gcve.eu/sighting/d5bd5fbd-8938-4f91-b314-be4fd5a2c1dc/export Sat, 15 Apr 2023 00:26:25 +0000 https://db.gcve.eu/sighting/2ca17a68-deb9-463c-94c8-54d617f74f8f/export {"uuid": "2ca17a68-deb9-463c-94c8-54d617f74f8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46884", "type": "seen", "source": "https://t.me/cibsecurity/69125", "content": "\u203c CVE-2022-46884 \u203c\n\nA potential use-after-free vulnerability existed in SVG Images if the Refresh Driver was destroyed at an inopportune time. This could have lead to memory corruption or a potentially exploitable crash.*Note*: This advisory was added on December 13th, 2022 after discovering it was inadvertently left out of the original advisory. The fix was included in the original release of Firefox 106. This vulnerability affects Firefox < 106.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-24T20:13:01.000000Z"} {"uuid": "2ca17a68-deb9-463c-94c8-54d617f74f8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46884", "type": "seen", "source": "https://t.me/cibsecurity/69125", "content": "\u203c CVE-2022-46884 \u203c\n\nA potential use-after-free vulnerability existed in SVG Images if the Refresh Driver was destroyed at an inopportune time. This could have lead to memory corruption or a potentially exploitable crash.*Note*: This advisory was added on December 13th, 2022 after discovering it was inadvertently left out of the original advisory. The fix was included in the original release of Firefox 106. This vulnerability affects Firefox < 106.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-24T20:13:01.000000Z"} https://db.gcve.eu/sighting/2ca17a68-deb9-463c-94c8-54d617f74f8f/export Thu, 24 Aug 2023 20:13:01 +0000 https://db.gcve.eu/sighting/e7838705-dc2c-42e4-ae81-d31b72ec4617/export {"uuid": "e7838705-dc2c-42e4-ae81-d31b72ec4617", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46889", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10298", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46889\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A persistent cross-site scripting (XSS) vulnerability in NexusPHP before 1.7.33 allows remote authenticated attackers to permanently inject arbitrary web script or HTML via the title parameter used in /subtitles.php.\n\ud83d\udccf Published: 2023-01-19T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-03T18:10:03.704Z\n\ud83d\udd17 References:\n1. https://github.com/xiaomlove/nexusphp/releases/tag/v1.7.33\n2. https://www.surecloud.com/resources/blog/nexusphp-surecloud-security-review-identifies-authenticated-unauthenticated-vulnerabilities", "creation_timestamp": "2025-04-03T18:35:25.000000Z"} {"uuid": "e7838705-dc2c-42e4-ae81-d31b72ec4617", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46889", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10298", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46889\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A persistent cross-site scripting (XSS) vulnerability in NexusPHP before 1.7.33 allows remote authenticated attackers to permanently inject arbitrary web script or HTML via the title parameter used in /subtitles.php.\n\ud83d\udccf Published: 2023-01-19T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-03T18:10:03.704Z\n\ud83d\udd17 References:\n1. https://github.com/xiaomlove/nexusphp/releases/tag/v1.7.33\n2. https://www.surecloud.com/resources/blog/nexusphp-surecloud-security-review-identifies-authenticated-unauthenticated-vulnerabilities", "creation_timestamp": "2025-04-03T18:35:25.000000Z"} https://db.gcve.eu/sighting/e7838705-dc2c-42e4-ae81-d31b72ec4617/export Thu, 03 Apr 2025 18:35:25 +0000 https://db.gcve.eu/sighting/4058e00c-7fde-4aeb-8b76-46cc843fdde2/export {"uuid": "4058e00c-7fde-4aeb-8b76-46cc843fdde2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4688", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11167", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4688\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_0, Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Improper Authorization in GitHub repository usememos/memos prior to 0.9.0.\n\ud83d\udccf Published: 2022-12-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-09T20:35:24.121Z\n\ud83d\udd17 References:\n1. https://github.com/usememos/memos/commit/dca35bde877aab6e64ef51b52e590b5d48f692f9\n2. https://huntr.dev/bounties/23856e7e-94ff-4dee-97d0-0cd47e9b8ff6", "creation_timestamp": "2025-04-09T20:48:33.000000Z"} {"uuid": "4058e00c-7fde-4aeb-8b76-46cc843fdde2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4688", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11167", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4688\n\ud83d\udd25 CVSS Score: 8.8 (cvssV3_0, Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Improper Authorization in GitHub repository usememos/memos prior to 0.9.0.\n\ud83d\udccf Published: 2022-12-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-09T20:35:24.121Z\n\ud83d\udd17 References:\n1. https://github.com/usememos/memos/commit/dca35bde877aab6e64ef51b52e590b5d48f692f9\n2. https://huntr.dev/bounties/23856e7e-94ff-4dee-97d0-0cd47e9b8ff6", "creation_timestamp": "2025-04-09T20:48:33.000000Z"} https://db.gcve.eu/sighting/4058e00c-7fde-4aeb-8b76-46cc843fdde2/export Wed, 09 Apr 2025 20:48:33 +0000