https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 30 Apr 2026 11:54:51 +0000 https://db.gcve.eu/sighting/abb592df-28af-47e6-847b-e07dd8e37674/export {"uuid": "abb592df-28af-47e6-847b-e07dd8e37674", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7340", "type": "seen", "source": "https://t.me/cvedetector/2146", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-7340 - Apache Weave Remote File Traversal and Disclosure Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-7340 \nPublished : July 31, 2024, 3:15 p.m. | 18\u00a0minutes ago \nDescription : The Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"31 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-31T17:40:20.000000Z"} {"uuid": "abb592df-28af-47e6-847b-e07dd8e37674", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7340", "type": "seen", "source": "https://t.me/cvedetector/2146", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-7340 - Apache Weave Remote File Traversal and Disclosure Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-7340 \nPublished : July 31, 2024, 3:15 p.m. | 18\u00a0minutes ago \nDescription : The Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"31 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-31T17:40:20.000000Z"} https://db.gcve.eu/sighting/abb592df-28af-47e6-847b-e07dd8e37674/export Wed, 31 Jul 2024 17:40:20 +0000 https://db.gcve.eu/sighting/aabbd175-f7f6-4709-b344-154cc550383e/export {"uuid": "aabbd175-f7f6-4709-b344-154cc550383e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7340", "type": "published-proof-of-concept", "source": "https://t.me/G18Division/34", "content": "Exploit for W&B Weave Server - Remote Arbitrary File Leak (CVE-2024-7340)\ud83e\udd77\n\nDescription\ud83d\udd08\nThe Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin.\n\nNuclei Template\ud83c\udf0e\nView the template here CVE-2024-7340.yaml\n\nValidate with Nuclei\necho \"$URL\" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-7340.yaml\n\nReferences:\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-7340\nhttps://research.jfrog.com/vulnerabilities/wandb-weave-server-remote-arbitrary-file-leak-jfsa-2024-001039248/\nhttps://github.com/wandb/weave/pull/1657\nhttps://github.com/advisories/GHSA-r49h-6qxq-624f", "creation_timestamp": "2024-09-17T09:09:01.000000Z"} {"uuid": "aabbd175-f7f6-4709-b344-154cc550383e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7340", "type": "published-proof-of-concept", "source": "https://t.me/G18Division/34", "content": "Exploit for W&B Weave Server - Remote Arbitrary File Leak (CVE-2024-7340)\ud83e\udd77\n\nDescription\ud83d\udd08\nThe Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin.\n\nNuclei Template\ud83c\udf0e\nView the template here CVE-2024-7340.yaml\n\nValidate with Nuclei\necho \"$URL\" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-7340.yaml\n\nReferences:\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-7340\nhttps://research.jfrog.com/vulnerabilities/wandb-weave-server-remote-arbitrary-file-leak-jfsa-2024-001039248/\nhttps://github.com/wandb/weave/pull/1657\nhttps://github.com/advisories/GHSA-r49h-6qxq-624f", "creation_timestamp": "2024-09-17T09:09:01.000000Z"} https://db.gcve.eu/sighting/aabbd175-f7f6-4709-b344-154cc550383e/export Tue, 17 Sep 2024 09:09:01 +0000 https://db.gcve.eu/sighting/53d7d235-62f0-4a98-ace7-930790975351/export {"uuid": "53d7d235-62f0-4a98-ace7-930790975351", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7340", "type": "published-proof-of-concept", "source": "https://t.me/whoisAlixan/2908", "content": "Exploit for W&B Weave Server - Remote Arbitrary File Leak (CVE-2024-7340)\ud83e\udd77\n\nDescription\ud83d\udd08\nThe Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin.\n\nNuclei Template\ud83c\udf0e\nView the template here CVE-2024-7340.yaml\n\nValidate with Nuclei\necho \"$URL\" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-7340.yaml\n\nReferences:\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-7340\nhttps://research.jfrog.com/vulnerabilities/wandb-weave-server-remote-arbitrary-file-leak-jfsa-2024-001039248/\nhttps://github.com/wandb/weave/pull/1657\nhttps://github.com/advisories/GHSA-r49h-6qxq-624f", "creation_timestamp": "2024-09-17T20:40:45.000000Z"} {"uuid": "53d7d235-62f0-4a98-ace7-930790975351", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7340", "type": "published-proof-of-concept", "source": "https://t.me/whoisAlixan/2908", "content": "Exploit for W&B Weave Server - Remote Arbitrary File Leak (CVE-2024-7340)\ud83e\udd77\n\nDescription\ud83d\udd08\nThe Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin.\n\nNuclei Template\ud83c\udf0e\nView the template here CVE-2024-7340.yaml\n\nValidate with Nuclei\necho \"$URL\" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-7340.yaml\n\nReferences:\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-7340\nhttps://research.jfrog.com/vulnerabilities/wandb-weave-server-remote-arbitrary-file-leak-jfsa-2024-001039248/\nhttps://github.com/wandb/weave/pull/1657\nhttps://github.com/advisories/GHSA-r49h-6qxq-624f", "creation_timestamp": "2024-09-17T20:40:45.000000Z"} https://db.gcve.eu/sighting/53d7d235-62f0-4a98-ace7-930790975351/export Tue, 17 Sep 2024 20:40:45 +0000 https://db.gcve.eu/sighting/d2ed5d39-3e9f-4702-9ca4-3bc37093144b/export {"uuid": "d2ed5d39-3e9f-4702-9ca4-3bc37093144b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7340", "type": "published-proof-of-concept", "source": "https://t.me/BhinnekaSec/2642", "content": "Exploit for W&B Weave Server - Remote Arbitrary File Leak (CVE-2024-7340)\ud83e\udd77\n\nDescription\ud83d\udd08\nThe Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin.\n\nNuclei Template\ud83c\udf0e\nView the template here CVE-2024-7340.yaml\n\nValidate with Nuclei\necho \"$URL\" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-7340.yaml\n\nReferences:\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-7340\nhttps://research.jfrog.com/vulnerabilities/wandb-weave-server-remote-arbitrary-file-leak-jfsa-2024-001039248/\nhttps://github.com/wandb/weave/pull/1657\nhttps://github.com/advisories/GHSA-r49h-6qxq-624f", "creation_timestamp": "2024-10-15T01:39:58.000000Z"} {"uuid": "d2ed5d39-3e9f-4702-9ca4-3bc37093144b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7340", "type": "published-proof-of-concept", "source": "https://t.me/BhinnekaSec/2642", "content": "Exploit for W&B Weave Server - Remote Arbitrary File Leak (CVE-2024-7340)\ud83e\udd77\n\nDescription\ud83d\udd08\nThe Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin.\n\nNuclei Template\ud83c\udf0e\nView the template here CVE-2024-7340.yaml\n\nValidate with Nuclei\necho \"$URL\" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-7340.yaml\n\nReferences:\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-7340\nhttps://research.jfrog.com/vulnerabilities/wandb-weave-server-remote-arbitrary-file-leak-jfsa-2024-001039248/\nhttps://github.com/wandb/weave/pull/1657\nhttps://github.com/advisories/GHSA-r49h-6qxq-624f", "creation_timestamp": "2024-10-15T01:39:58.000000Z"} https://db.gcve.eu/sighting/d2ed5d39-3e9f-4702-9ca4-3bc37093144b/export Tue, 15 Oct 2024 01:39:58 +0000