https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 25 May 2026 11:49:03 +0000 https://db.gcve.eu/sighting/78ee0cdb-4f78-4129-928b-30a2730e00b9/export {"uuid": "78ee0cdb-4f78-4129-928b-30a2730e00b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48344", "type": "seen", "source": "https://t.me/cibsecurity/58782", "content": "\u203c CVE-2022-48344 \u203c\n\nIn JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability in the group creation process.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-23T18:18:25.000000Z"} {"uuid": "78ee0cdb-4f78-4129-928b-30a2730e00b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48344", "type": "seen", "source": "https://t.me/cibsecurity/58782", "content": "\u203c CVE-2022-48344 \u203c\n\nIn JetBrains TeamCity before 2022.10.2 there was an XSS vulnerability in the group creation process.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-23T18:18:25.000000Z"} https://db.gcve.eu/sighting/78ee0cdb-4f78-4129-928b-30a2730e00b9/export Thu, 23 Feb 2023 18:18:25 +0000 https://db.gcve.eu/sighting/6a27951e-8d00-4977-8c3b-584c5d99e65f/export {"uuid": "6a27951e-8d00-4977-8c3b-584c5d99e65f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48342", "type": "seen", "source": "https://t.me/cibsecurity/58784", "content": "\u203c CVE-2022-48342 \u203c\n\nIn JetBrains TeamCity before 2022.10.2 jVMTI was enabled by default on agents.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-23T18:18:27.000000Z"} {"uuid": "6a27951e-8d00-4977-8c3b-584c5d99e65f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48342", "type": "seen", "source": "https://t.me/cibsecurity/58784", "content": "\u203c CVE-2022-48342 \u203c\n\nIn JetBrains TeamCity before 2022.10.2 jVMTI was enabled by default on agents.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-23T18:18:27.000000Z"} https://db.gcve.eu/sighting/6a27951e-8d00-4977-8c3b-584c5d99e65f/export Thu, 23 Feb 2023 18:18:27 +0000 https://db.gcve.eu/sighting/b0f839bb-e6e7-491d-847b-65b070f8b0e6/export {"uuid": "b0f839bb-e6e7-491d-847b-65b070f8b0e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48345", "type": "seen", "source": "https://t.me/cibsecurity/58856", "content": "\u203c CVE-2022-48345 \u203c\n\nsanitize-url (aka @braintree/sanitize-url) before 6.0.2 allows XSS via HTML entities.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-24T12:49:17.000000Z"} {"uuid": "b0f839bb-e6e7-491d-847b-65b070f8b0e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48345", "type": "seen", "source": "https://t.me/cibsecurity/58856", "content": "\u203c CVE-2022-48345 \u203c\n\nsanitize-url (aka @braintree/sanitize-url) before 6.0.2 allows XSS via HTML entities.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-24T12:49:17.000000Z"} https://db.gcve.eu/sighting/b0f839bb-e6e7-491d-847b-65b070f8b0e6/export Fri, 24 Feb 2023 12:49:17 +0000 https://db.gcve.eu/sighting/f3ee3ff8-4ceb-4c35-b5b9-05b4fe5c416c/export {"uuid": "f3ee3ff8-4ceb-4c35-b5b9-05b4fe5c416c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48347", "type": "seen", "source": "https://t.me/cibsecurity/60858", "content": "\u203c CVE-2022-48347 \u203c\n\nThe MediaProvider module has a vulnerability in permission verification. Successful exploitation of this vulnerability may affect confidentiality.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-28T02:26:32.000000Z"} {"uuid": "f3ee3ff8-4ceb-4c35-b5b9-05b4fe5c416c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48347", "type": "seen", "source": "https://t.me/cibsecurity/60858", "content": "\u203c CVE-2022-48347 \u203c\n\nThe MediaProvider module has a vulnerability in permission verification. Successful exploitation of this vulnerability may affect confidentiality.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-28T02:26:32.000000Z"} https://db.gcve.eu/sighting/f3ee3ff8-4ceb-4c35-b5b9-05b4fe5c416c/export Tue, 28 Mar 2023 02:26:32 +0000 https://db.gcve.eu/sighting/2e88cdd3-1502-41de-b5c9-48ad06d74c5e/export {"uuid": "2e88cdd3-1502-41de-b5c9-48ad06d74c5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48346", "type": "seen", "source": "https://t.me/cibsecurity/60867", "content": "\u203c CVE-2022-48346 \u203c\n\nThe HwContacts module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect confidentiality.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-28T02:32:21.000000Z"} {"uuid": "2e88cdd3-1502-41de-b5c9-48ad06d74c5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48346", "type": "seen", "source": "https://t.me/cibsecurity/60867", "content": "\u203c CVE-2022-48346 \u203c\n\nThe HwContacts module has a logic bypass vulnerability. Successful exploitation of this vulnerability may affect confidentiality.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-28T02:32:21.000000Z"} https://db.gcve.eu/sighting/2e88cdd3-1502-41de-b5c9-48ad06d74c5e/export Tue, 28 Mar 2023 02:32:21 +0000 https://db.gcve.eu/sighting/730e6d18-41c7-4c66-a19f-231b75809020/export {"uuid": "730e6d18-41c7-4c66-a19f-231b75809020", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48346", "type": "seen", "source": "Telegram/ZW-wbV_maKhx2pQYq5SsRyiSTDiAzSVoYu7TE5ZhSVPTwPE2", "content": "", "creation_timestamp": "2025-02-19T22:21:30.000000Z"} {"uuid": "730e6d18-41c7-4c66-a19f-231b75809020", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48346", "type": "seen", "source": "Telegram/ZW-wbV_maKhx2pQYq5SsRyiSTDiAzSVoYu7TE5ZhSVPTwPE2", "content": "", "creation_timestamp": "2025-02-19T22:21:30.000000Z"} https://db.gcve.eu/sighting/730e6d18-41c7-4c66-a19f-231b75809020/export Wed, 19 Feb 2025 22:21:30 +0000 https://db.gcve.eu/sighting/f720f0c9-412e-4f9b-a5e3-ccba07e4c377/export {"uuid": "f720f0c9-412e-4f9b-a5e3-ccba07e4c377", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48348", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5204", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-48348\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The MediaProvider module has a vulnerability of unauthorized data read. Successful exploitation of this vulnerability may affect confidentiality and integrity.\n\ud83d\udccf Published: 2023-03-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-24T19:10:14.845Z\n\ud83d\udd17 References:\n1. https://device.harmonyos.com/en/docs/security/update/security-bulletins-202303-0000001529824505\n2. https://consumer.huawei.com/en/support/bulletin/2023/3/", "creation_timestamp": "2025-02-24T19:22:18.000000Z"} {"uuid": "f720f0c9-412e-4f9b-a5e3-ccba07e4c377", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48348", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5204", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-48348\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The MediaProvider module has a vulnerability of unauthorized data read. Successful exploitation of this vulnerability may affect confidentiality and integrity.\n\ud83d\udccf Published: 2023-03-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-24T19:10:14.845Z\n\ud83d\udd17 References:\n1. https://device.harmonyos.com/en/docs/security/update/security-bulletins-202303-0000001529824505\n2. https://consumer.huawei.com/en/support/bulletin/2023/3/", "creation_timestamp": "2025-02-24T19:22:18.000000Z"} https://db.gcve.eu/sighting/f720f0c9-412e-4f9b-a5e3-ccba07e4c377/export Mon, 24 Feb 2025 19:22:18 +0000 https://db.gcve.eu/sighting/18aa8c40-cd64-4586-a5ef-773e1305a912/export {"uuid": "18aa8c40-cd64-4586-a5ef-773e1305a912", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48349", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5205", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-48349\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The control component has a spoofing vulnerability. Successful exploitation of this vulnerability may affect confidentiality and availability.\n\ud83d\udccf Published: 2023-03-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-24T19:08:56.212Z\n\ud83d\udd17 References:\n1. https://device.harmonyos.com/en/docs/security/update/security-bulletins-202303-0000001529824505\n2. https://consumer.huawei.com/en/support/bulletin/2023/3/", "creation_timestamp": "2025-02-24T19:22:19.000000Z"} {"uuid": "18aa8c40-cd64-4586-a5ef-773e1305a912", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48349", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5205", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-48349\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The control component has a spoofing vulnerability. Successful exploitation of this vulnerability may affect confidentiality and availability.\n\ud83d\udccf Published: 2023-03-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-24T19:08:56.212Z\n\ud83d\udd17 References:\n1. https://device.harmonyos.com/en/docs/security/update/security-bulletins-202303-0000001529824505\n2. https://consumer.huawei.com/en/support/bulletin/2023/3/", "creation_timestamp": "2025-02-24T19:22:19.000000Z"} https://db.gcve.eu/sighting/18aa8c40-cd64-4586-a5ef-773e1305a912/export Mon, 24 Feb 2025 19:22:19 +0000 https://db.gcve.eu/sighting/99739ae2-3542-49d7-b4a4-3b35c1ff5d19/export {"uuid": "99739ae2-3542-49d7-b4a4-3b35c1ff5d19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48345", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7319", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-48345\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: sanitize-url (aka @braintree/sanitize-url) before 6.0.2 allows XSS via HTML entities.\n\ud83d\udccf Published: 2023-02-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-12T15:36:20.862Z\n\ud83d\udd17 References:\n1. https://github.com/braintree/sanitize-url/commit/d4bdc89f1743fe3cdb7c3f24b06e4c875f349b0c\n2. https://github.com/braintree/sanitize-url/compare/v6.0.1...v6.0.2", "creation_timestamp": "2025-03-12T15:40:48.000000Z"} {"uuid": "99739ae2-3542-49d7-b4a4-3b35c1ff5d19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48345", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7319", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-48345\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: sanitize-url (aka @braintree/sanitize-url) before 6.0.2 allows XSS via HTML entities.\n\ud83d\udccf Published: 2023-02-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-12T15:36:20.862Z\n\ud83d\udd17 References:\n1. https://github.com/braintree/sanitize-url/commit/d4bdc89f1743fe3cdb7c3f24b06e4c875f349b0c\n2. https://github.com/braintree/sanitize-url/compare/v6.0.1...v6.0.2", "creation_timestamp": "2025-03-12T15:40:48.000000Z"} https://db.gcve.eu/sighting/99739ae2-3542-49d7-b4a4-3b35c1ff5d19/export Wed, 12 Mar 2025 15:40:48 +0000 https://db.gcve.eu/sighting/fd0d82a4-c1a8-4cf7-98b8-244acbf9a0fa/export {"uuid": "fd0d82a4-c1a8-4cf7-98b8-244acbf9a0fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4834", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9209", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4834\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The CPT Bootstrap Carousel WordPress plugin through 1.12 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.\n\ud83d\udccf Published: 2023-01-30T20:31:39.463Z\n\ud83d\udccf Modified: 2025-03-27T20:04:46.019Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/6183318f-0230-47a1-87f2-3c5aaef678a5", "creation_timestamp": "2025-03-27T20:27:28.000000Z"} {"uuid": "fd0d82a4-c1a8-4cf7-98b8-244acbf9a0fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4834", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9209", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4834\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The CPT Bootstrap Carousel WordPress plugin through 1.12 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.\n\ud83d\udccf Published: 2023-01-30T20:31:39.463Z\n\ud83d\udccf Modified: 2025-03-27T20:04:46.019Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/6183318f-0230-47a1-87f2-3c5aaef678a5", "creation_timestamp": "2025-03-27T20:27:28.000000Z"} https://db.gcve.eu/sighting/fd0d82a4-c1a8-4cf7-98b8-244acbf9a0fa/export Thu, 27 Mar 2025 20:27:28 +0000