https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 07 Jun 2026 09:17:23 +0000 https://db.gcve.eu/sighting/5ae2b657-3d8b-4a2a-8240-67339e3d092b/export {"uuid": "5ae2b657-3d8b-4a2a-8240-67339e3d092b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28311", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/8141", "content": "#exploit\n1. CVE-2023-28311:\nMS Word RCE Vulnerability\nhttps://github.com/nu11secur1ty/CVE-mitre/tree/main/2023/CVE-2023-28311\n\n2. CVE-2023-23420/ \nCVE-2023-23421, CVE-2023-23422, CVE-2023-23423:\nMS Windows Kernel New Registry Key name Insufficient Validation / Transactional Registry Key Rename Issues\nhttps://packetstormsecurity.com/files/171867/Microsoft-Windows-Kernel-New-Registry-Key-name-Insufficient-Validation.html\nhttps://packetstormsecurity.com/files/171866/Microsoft-Windows-Kernel-Transactional-Registry-Key-Rename-Issues.html", "creation_timestamp": "2023-04-18T12:11:38.000000Z"} {"uuid": "5ae2b657-3d8b-4a2a-8240-67339e3d092b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28311", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/8141", "content": "#exploit\n1. CVE-2023-28311:\nMS Word RCE Vulnerability\nhttps://github.com/nu11secur1ty/CVE-mitre/tree/main/2023/CVE-2023-28311\n\n2. CVE-2023-23420/ \nCVE-2023-23421, CVE-2023-23422, CVE-2023-23423:\nMS Windows Kernel New Registry Key name Insufficient Validation / Transactional Registry Key Rename Issues\nhttps://packetstormsecurity.com/files/171867/Microsoft-Windows-Kernel-New-Registry-Key-name-Insufficient-Validation.html\nhttps://packetstormsecurity.com/files/171866/Microsoft-Windows-Kernel-Transactional-Registry-Key-Rename-Issues.html", "creation_timestamp": "2023-04-18T12:11:38.000000Z"} https://db.gcve.eu/sighting/5ae2b657-3d8b-4a2a-8240-67339e3d092b/export Tue, 18 Apr 2023 12:11:38 +0000 https://db.gcve.eu/sighting/e8fdd4b1-0e71-4a60-b96e-cb7625ceaaa7/export {"uuid": "e8fdd4b1-0e71-4a60-b96e-cb7625ceaaa7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28311", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2888", "content": "Tools - Hackers Factory\n\n\u200b\u200bAndroid Forensics References\n\nhttps://github.com/RealityNet/Android-Forensics-References\n\n#forensics #infosec\n\nAwesome-FOFA\n\nThe FOFA Library collects usage tips, common scenarios, F&Q, and more for FOFA.\n\nhttps://github.com/FofaInfo/Awesome-FOFA\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bSafeguards Study\n\nThis repository contains the data and software for experimenting with Internet of Things safeguards. We released this with the public release of the paper \"Protected or Porous: A Comparative Analysis of Threat Detection Capability of IoT Safeguards\".\n\nhttps://github.com/IoTrim/safeguards-study\n\nDetails:\nhttps://iotrim.github.io/safeguards.html\n\n#cybersecurity #infosec\n\n\u200b\u200bSSRF-Testing\n\nSSRF (Server Side Request Forgery) testing resources.\n\nhttps://github.com/cujanovic/SSRF-Testing\n\n#pentesting #redteam #bugbounty\n\nMemProcFS\n\nMemProcFS is an easy and convenient way of viewing physical memory as files in a virtual file system.\n\nhttps://github.com/ufrisk/MemProcFS\n\n#cybersecurity #infosec\n\n\u200b\u200bAuthorization-Nuclei-Templates\n\nhttps://github.com/Lu3ky13/Authorization-Nuclei-Templates\n\n#pentesting #redteam #bugbounty\n\n\u200b\u200bgetallurls (gau)\n\nFetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.\n\nhttps://github.com/lc/gau\n\n#cybersecurity #infosec\n\nCVE-2023-28311 MS Word RCE Vulnerability\n\nThe attack itself is carried out locally by a user with authentication to the targeted system. An attacker could exploit the vulnerability by convincing a victim, through social engineering, to download and open a specially crafted file from a website which could lead to a local attack on the victim's computer. The attacker can trick the victim to open a malicious web page by using a Word malicious file and he can steal credentials, and bank accounts information, sniffing and tracking all the traffic of the victim without stopping - it depends on the scenario and etc.\n\nhttps://github.com/nu11secur1ty/CVE-mitre/tree/main/2023/CVE-2023-28311\n\n#infosec #pentesting #redteam\n\n\u200b\u200bKnock\n\nKnockpy is a portable and modular python3 tool designed to quickly enumerate subdomains on a target domain through passive reconnaissance and dictionary scan.\n\nhttps://github.com/guelfoweb/knock\n\n#pentesting #redteam #bugbounty\n\n\u200b\u200bICS Security Tools, Tips, and Trade\n\nThis effort intends to pull together tools, tips, and tricks of the trade to working on cyber security in the ICS environment. The code repository will house any specific scripts, tools, configurations, or other useful tidbits to utilize in this space.\n\nhttps://github.com/ITI/ICS-Security-Tools\n\n#cybersecurity #infosec\n\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory", "creation_timestamp": "2023-04-19T00:33:25.000000Z"} {"uuid": "e8fdd4b1-0e71-4a60-b96e-cb7625ceaaa7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28311", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2888", "content": "Tools - Hackers Factory\n\n\u200b\u200bAndroid Forensics References\n\nhttps://github.com/RealityNet/Android-Forensics-References\n\n#forensics #infosec\n\nAwesome-FOFA\n\nThe FOFA Library collects usage tips, common scenarios, F&Q, and more for FOFA.\n\nhttps://github.com/FofaInfo/Awesome-FOFA\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bSafeguards Study\n\nThis repository contains the data and software for experimenting with Internet of Things safeguards. We released this with the public release of the paper \"Protected or Porous: A Comparative Analysis of Threat Detection Capability of IoT Safeguards\".\n\nhttps://github.com/IoTrim/safeguards-study\n\nDetails:\nhttps://iotrim.github.io/safeguards.html\n\n#cybersecurity #infosec\n\n\u200b\u200bSSRF-Testing\n\nSSRF (Server Side Request Forgery) testing resources.\n\nhttps://github.com/cujanovic/SSRF-Testing\n\n#pentesting #redteam #bugbounty\n\nMemProcFS\n\nMemProcFS is an easy and convenient way of viewing physical memory as files in a virtual file system.\n\nhttps://github.com/ufrisk/MemProcFS\n\n#cybersecurity #infosec\n\n\u200b\u200bAuthorization-Nuclei-Templates\n\nhttps://github.com/Lu3ky13/Authorization-Nuclei-Templates\n\n#pentesting #redteam #bugbounty\n\n\u200b\u200bgetallurls (gau)\n\nFetch known URLs from AlienVault's Open Threat Exchange, the Wayback Machine, and Common Crawl.\n\nhttps://github.com/lc/gau\n\n#cybersecurity #infosec\n\nCVE-2023-28311 MS Word RCE Vulnerability\n\nThe attack itself is carried out locally by a user with authentication to the targeted system. An attacker could exploit the vulnerability by convincing a victim, through social engineering, to download and open a specially crafted file from a website which could lead to a local attack on the victim's computer. The attacker can trick the victim to open a malicious web page by using a Word malicious file and he can steal credentials, and bank accounts information, sniffing and tracking all the traffic of the victim without stopping - it depends on the scenario and etc.\n\nhttps://github.com/nu11secur1ty/CVE-mitre/tree/main/2023/CVE-2023-28311\n\n#infosec #pentesting #redteam\n\n\u200b\u200bKnock\n\nKnockpy is a portable and modular python3 tool designed to quickly enumerate subdomains on a target domain through passive reconnaissance and dictionary scan.\n\nhttps://github.com/guelfoweb/knock\n\n#pentesting #redteam #bugbounty\n\n\u200b\u200bICS Security Tools, Tips, and Trade\n\nThis effort intends to pull together tools, tips, and tricks of the trade to working on cyber security in the ICS environment. The code repository will house any specific scripts, tools, configurations, or other useful tidbits to utilize in this space.\n\nhttps://github.com/ITI/ICS-Security-Tools\n\n#cybersecurity #infosec\n\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory", "creation_timestamp": "2023-04-19T00:33:25.000000Z"} https://db.gcve.eu/sighting/e8fdd4b1-0e71-4a60-b96e-cb7625ceaaa7/export Wed, 19 Apr 2023 00:33:25 +0000 https://db.gcve.eu/sighting/150cdddf-2f81-475d-bfde-f4a594589b3f/export {"uuid": "150cdddf-2f81-475d-bfde-f4a594589b3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28316", "type": "seen", "source": "https://t.me/cibsecurity/63708", "content": "\u203c CVE-2023-28316 \u203c\n\nA security vulnerability has been discovered in the implementation of 2FA on the rocket.chat platform, where other active sessions are not invalidated upon activating 2FA. This could potentially allow an attacker to maintain access to a compromised account even after 2FA is enabled.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-10T02:13:52.000000Z"} {"uuid": "150cdddf-2f81-475d-bfde-f4a594589b3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28316", "type": "seen", "source": "https://t.me/cibsecurity/63708", "content": "\u203c CVE-2023-28316 \u203c\n\nA security vulnerability has been discovered in the implementation of 2FA on the rocket.chat platform, where other active sessions are not invalidated upon activating 2FA. This could potentially allow an attacker to maintain access to a compromised account even after 2FA is enabled.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-10T02:13:52.000000Z"} https://db.gcve.eu/sighting/150cdddf-2f81-475d-bfde-f4a594589b3f/export Wed, 10 May 2023 02:13:52 +0000 https://db.gcve.eu/sighting/eb4f6b04-c874-48b1-bcf9-f8907beec1ec/export {"uuid": "eb4f6b04-c874-48b1-bcf9-f8907beec1ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28318", "type": "seen", "source": "https://t.me/cibsecurity/63709", "content": "\u203c CVE-2023-28318 \u203c\n\nA vulnerability has been discovered in Rocket.Chat, where messages can be hidden regardless of the Message_KeepHistory or Message_ShowDeletedStatus server configuration. This allows users to bypass the intended message deletion behavior, hiding messages and deletion notices.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-10T02:13:53.000000Z"} {"uuid": "eb4f6b04-c874-48b1-bcf9-f8907beec1ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28318", "type": "seen", "source": "https://t.me/cibsecurity/63709", "content": "\u203c CVE-2023-28318 \u203c\n\nA vulnerability has been discovered in Rocket.Chat, where messages can be hidden regardless of the Message_KeepHistory or Message_ShowDeletedStatus server configuration. This allows users to bypass the intended message deletion behavior, hiding messages and deletion notices.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-10T02:13:53.000000Z"} https://db.gcve.eu/sighting/eb4f6b04-c874-48b1-bcf9-f8907beec1ec/export Wed, 10 May 2023 02:13:53 +0000 https://db.gcve.eu/sighting/0fdf5873-9e4e-4a0e-8e9a-023df02ff446/export {"uuid": "0fdf5873-9e4e-4a0e-8e9a-023df02ff446", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28317", "type": "seen", "source": "https://t.me/cibsecurity/63711", "content": "\u203c CVE-2023-28317 \u203c\n\nA vulnerability has been discovered in Rocket.Chat, where editing messages can change the original timestamp, causing the UI to display messages in an incorrect order.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-10T02:13:54.000000Z"} {"uuid": "0fdf5873-9e4e-4a0e-8e9a-023df02ff446", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28317", "type": "seen", "source": "https://t.me/cibsecurity/63711", "content": "\u203c CVE-2023-28317 \u203c\n\nA vulnerability has been discovered in Rocket.Chat, where editing messages can change the original timestamp, causing the UI to display messages in an incorrect order.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-10T02:13:54.000000Z"} https://db.gcve.eu/sighting/0fdf5873-9e4e-4a0e-8e9a-023df02ff446/export Wed, 10 May 2023 02:13:54 +0000 https://db.gcve.eu/sighting/d2683dbd-ca11-42f9-9290-379e932d0ec4/export {"uuid": "d2683dbd-ca11-42f9-9290-379e932d0ec4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28311", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/4946", "content": "CVE-2023-28311 ( Microsoft Word Remote Code Execution Vulnerability )\n\nGithub\n\n #CVE #Windows #RCE\n\u2014\u2014\u2014\u2014\u2014\u2014\u200c\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-05-20T00:26:18.000000Z"} {"uuid": "d2683dbd-ca11-42f9-9290-379e932d0ec4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28311", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/4946", "content": "CVE-2023-28311 ( Microsoft Word Remote Code Execution Vulnerability )\n\nGithub\n\n #CVE #Windows #RCE\n\u2014\u2014\u2014\u2014\u2014\u2014\u200c\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-05-20T00:26:18.000000Z"} https://db.gcve.eu/sighting/d2683dbd-ca11-42f9-9290-379e932d0ec4/export Sat, 20 May 2023 00:26:18 +0000 https://db.gcve.eu/sighting/8bf27980-10fb-49cd-a966-f6c5cd0f497a/export {"uuid": "8bf27980-10fb-49cd-a966-f6c5cd0f497a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28319", "type": "seen", "source": "https://t.me/ctinow/120266", "content": "https://ift.tt/PFiTW7R\nInternet Bug Bounty: CVE-2023-28319: UAF in SSH sha256 fingerprint check", "creation_timestamp": "2023-06-25T21:52:22.000000Z"} {"uuid": "8bf27980-10fb-49cd-a966-f6c5cd0f497a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28319", "type": "seen", "source": "https://t.me/ctinow/120266", "content": "https://ift.tt/PFiTW7R\nInternet Bug Bounty: CVE-2023-28319: UAF in SSH sha256 fingerprint check", "creation_timestamp": "2023-06-25T21:52:22.000000Z"} https://db.gcve.eu/sighting/8bf27980-10fb-49cd-a966-f6c5cd0f497a/export Sun, 25 Jun 2023 21:52:22 +0000 https://db.gcve.eu/sighting/7ecf7170-7650-4e55-a5cb-08c368d4fb42/export {"uuid": "7ecf7170-7650-4e55-a5cb-08c368d4fb42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28311", "type": "seen", "source": "MISP/90c48209-4498-43a7-8855-8ddecb91578f", "content": "", "creation_timestamp": "2024-08-01T07:07:18.000000Z"} {"uuid": "7ecf7170-7650-4e55-a5cb-08c368d4fb42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28311", "type": "seen", "source": "MISP/90c48209-4498-43a7-8855-8ddecb91578f", "content": "", "creation_timestamp": "2024-08-01T07:07:18.000000Z"} https://db.gcve.eu/sighting/7ecf7170-7650-4e55-a5cb-08c368d4fb42/export Thu, 01 Aug 2024 07:07:18 +0000 https://db.gcve.eu/sighting/40fd1616-3adf-4860-ab7c-628db752f9dd/export {"uuid": "40fd1616-3adf-4860-ab7c-628db752f9dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28312", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1644", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28312\n\ud83d\udd39 Description: Azure Machine Learning Information Disclosure Vulnerability\n\ud83d\udccf Published: 2023-04-11T19:14:03.834Z\n\ud83d\udccf Modified: 2025-01-14T23:57:26.787Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28312", "creation_timestamp": "2025-01-15T00:09:54.000000Z"} {"uuid": "40fd1616-3adf-4860-ab7c-628db752f9dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28312", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1644", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28312\n\ud83d\udd39 Description: Azure Machine Learning Information Disclosure Vulnerability\n\ud83d\udccf Published: 2023-04-11T19:14:03.834Z\n\ud83d\udccf Modified: 2025-01-14T23:57:26.787Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28312", "creation_timestamp": "2025-01-15T00:09:54.000000Z"} https://db.gcve.eu/sighting/40fd1616-3adf-4860-ab7c-628db752f9dd/export Wed, 15 Jan 2025 00:09:54 +0000 https://db.gcve.eu/sighting/c8d014bd-ee8d-435b-9749-66948ae4a2f0/export {"uuid": "c8d014bd-ee8d-435b-9749-66948ae4a2f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28311", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1645", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28311\n\ud83d\udd39 Description: Microsoft Word Remote Code Execution Vulnerability\n\ud83d\udccf Published: 2023-04-11T19:14:03.296Z\n\ud83d\udccf Modified: 2025-01-14T23:57:26.204Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28311", "creation_timestamp": "2025-01-15T00:10:14.000000Z"} {"uuid": "c8d014bd-ee8d-435b-9749-66948ae4a2f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28311", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1645", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-28311\n\ud83d\udd39 Description: Microsoft Word Remote Code Execution Vulnerability\n\ud83d\udccf Published: 2023-04-11T19:14:03.296Z\n\ud83d\udccf Modified: 2025-01-14T23:57:26.204Z\n\ud83d\udd17 References:\n1. https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-28311", "creation_timestamp": "2025-01-15T00:10:14.000000Z"} https://db.gcve.eu/sighting/c8d014bd-ee8d-435b-9749-66948ae4a2f0/export Wed, 15 Jan 2025 00:10:14 +0000