https://vulnerability.circl.lu/sightings/feed 2026-05-31T05:33:42.418259+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/c71006b8-89ba-495d-95cd-edbb029314c0/export 2026-05-31T05:33:42.770889+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "c71006b8-89ba-495d-95cd-edbb029314c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2499", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3008", "content": "Cybersecurity News - Hackers Factory \n\n\n\u200aFlaw in Telegram Gives Attackers Access to macOS Camera\n\nhttps://restoreprivacy.com/flaw-in-telegram-gives-attackers-access-to-macos-camera/\n\n\u200aStealthy MerDoor malware uncovered after five years of attacks\n\nhttps://www.bleepingcomputer.com/news/security/stealthy-merdoor-malware-uncovered-after-five-years-of-attacks/\n\n\u200aTransportation Department breach exposes data of federal employees\n\nhttps://fedscoop.com/transerve-data-breach/\n\n\u200aRansomware gang steals data of 5.8 million PharMerica patients\n\nhttps://www.bleepingcomputer.com/news/security/ransomware-gang-steals-data-of-58-million-pharmerica-patients/\n\n\u200aWhatsApp now lets you lock chats with a password or fingerprint\n\nhttps://www.bleepingcomputer.com/news/security/whatsapp-now-lets-you-lock-chats-with-a-password-or-fingerprint/\n\n\u200aNovel Malware Strain, PIPEDREAM, Deployed by Russian-Linked Hackers Against US Energy Corporations\n\nhttps://latesthackingnews.com/2023/05/15/novel-malware-strain-pipedream-deployed-by-russian-linked-hackers-against-us-energy-corporations/\n\n\u200aVirusTotal AI code analysis expands Windows, Linux script support\n\nhttps://www.bleepingcomputer.com/news/security/virustotal-ai-code-analysis-expands-windows-linux-script-support/\n\n\u200aThe new info-stealing malware operations to watch out for\n\nhttps://www.bleepingcomputer.com/news/security/the-new-info-stealing-malware-operations-to-watch-out-for/\n\n\u200aPhiladelphia Inquirer operations disrupted after cyberattack\n\nhttps://www.bleepingcomputer.com/news/security/philadelphia-inquirer-operations-disrupted-after-cyberattack/\n\n\u200aExploit available for critical RCE (CVE-2023-32314) bug in VM2 sandbox library\n\nhttps://securityonline.info/exploit-available-for-critical-rce-cve-2023-32314-bug-in-vm2-sandbox-library/\n\n\u200aAuthentication Bypass Flaw CVE-2023-2499 in WordPress Plugin With Over 10,000 Installations\n\nhttps://securityonline.info/authentication-bypass-flaw-cve-2023-2499-in-wordpress-plugin-with-over-10000-installations/\n\n\u200aEntropyReducer: Reduce Entropy And Obfuscate Your Payload\n\nhttps://securityonline.info/entropyreducer-reduce-entropy-and-obfuscate-your-payload/\n\n\u200aPoC Released for Linux Kernel Privilege Escalation (CVE-2023-32233) Vulnerability\n\nhttps://securityonline.info/poc-released-for-linux-kernel-privilege-escalation-cve-2023-32233-vulnerability/\n\n\u200aMultiple Vulnerabilities Uncovered in Kiddoware Kids Place Parental Control Android App\n\nhttps://securityonline.info/multiple-vulnerabilities-uncovered-in-kiddoware-kids-place-parental-control-android-app/\n\n\u200aHow the A-GPS in your smartphone works, and whether Qualcomm is tracking you | Kaspersky official blog\n\nhttps://www.kaspersky.com/blog/gps-agps-supl-tracking-protection/48175/\n\n\u200aThe nature of cyberincidents in 2022\n\nhttps://securelist.com/kaspersky-incident-response-report-2022/109680/\n\n\u200aFormer Ubiquiti employee gets 6 years in jail for stealing confidential data and extorting company\n\nhttps://securityaffairs.com/146228/cyber-crime/uiti-employee-sentenced-6-years.html\n\n\u200aIntroducing the DRM-Report Q1 2023: Unveiling the Current State of Ransomware\n\nhttps://securityaffairs.com/146241/malware/drm-dashboard-ransomware-monitor-q1-2023.html\n\n\u200aNew RA Group ransomware gang is the latest group using leaked Babuk source code\n\nhttps://securityaffairs.com/146248/cyber-crime/new-ra-group.html\n\n\u200aMicrosoft Security highlights from RSA Conference 2023\n\nhttps://www.microsoft.com/en-us/security/blog/2023/05/15/microsoft-security-highlights-from-rsa-conference-2023/\n\n\u200aFerrari Website Flaw Exposes Their Database Credentials\n\nhttps://gbhackers.com/ferrari-website-flaw-exposes-their-database-credentials/\n\n\u200aHackers Adapting New Unique Way to Overcome Microsoft Default Macro Block\n\nhttps://gbhackers.com/microsoft-default-macro-block/\n\n\u200aToyota Data Breach \u2013 Over 2 Million Customers Data Exposed\n\nhttps://gbhackers.com/toyota-data-breach/\n\n\u200aWhatsApp \u2013 Now you Can Lock & Hide Chats with a Password\n\nhttps://gbhackers.com/whatsapp-chat-lock/\n\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-05-16T11:19:44.000000Z"} 2023-05-16T11:19:44+00:00 https://vulnerability.circl.lu/sighting/22bdef4f-42a2-4654-b466-2cd9f0469287/export 2026-05-31T05:33:42.770809+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "22bdef4f-42a2-4654-b466-2cd9f0469287", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24998", "type": "seen", "source": "https://t.me/cibsecurity/64516", "content": "\u203c CVE-2023-28709 \u203c\n\nThe fix for CVE-2023-24998 was incomplete for Apache Tomcat 11.0.0-M2 to 11.0.0-M4, 10.1.5 to 10.1.7, 9.0.71 to 9.0.73 and 8.5.85 to 8.5.87. If non-default HTTP connector settings were used such that the maxParameterCount\u00c2\u00a0could be reached using query string parameters and a request was submitted that supplied exactly maxParameterCount parameters\u00c2\u00a0in the query string, the limit for uploaded request parts could be\u00c2\u00a0bypassed with the potential for a denial of service to occur.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-22T14:25:26.000000Z"} 2023-05-22T14:25:26+00:00 https://vulnerability.circl.lu/sighting/ce73ab2c-db94-4599-bfa0-1cb15ffa68ce/export 2026-05-31T05:33:42.770695+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "ce73ab2c-db94-4599-bfa0-1cb15ffa68ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24998", "type": "seen", "source": "https://t.me/true_secator/4880", "content": "\u0412 \u0440\u0435\u0448\u0435\u043d\u0438\u044f\u0445 Atlassian \u0438 ISC BIND \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u044b \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f DoS \u0438 RCE.\n\n\u0410\u0432\u0441\u0442\u0440\u0430\u043b\u0438\u0439\u0441\u043a\u0438\u0439 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a \u041f\u041e \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b \u0432 \u043d\u043e\u0432\u044b\u0445 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0447\u0435\u0442\u044b\u0440\u0435\u0445 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0445 \u043e\u0448\u0438\u0431\u043e\u043a \u0432 Jira, Confluence, Bitbucket \u0438 Bamboo.\n\n\u0421\u0430\u043c\u0430\u044f \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u0430\u044f \u0438\u0437 \u044d\u0442\u0438\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c CVE-2023-22513\u00a0(CVSS: 8,5) \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c RCE \u0432 Bitbucket. \u0410\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043c\u043e\u0436\u0435\u0442 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e \u0431\u0435\u0437 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c. \u041f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u043f\u043e\u044f\u0432\u0438\u043b\u0430\u0441\u044c \u0432 Bitbucket \u0432\u0435\u0440\u0441\u0438\u0438 8.0.0 \u0438 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u0432\u044b\u043f\u0443\u0441\u043a\u043e\u0432 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 8.14.0.\n\n\u0412\u0442\u043e\u0440\u0430\u044f CVE-2023-22512 (CVSS 7,5) - \u044d\u0442\u043e DoS-\u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0432 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430\u0445 Confluence Data Center \u0438 Server (\u043d\u0430\u0447\u0438\u043d\u0430\u044f \u0441 \u0432\u0435\u0440\u0441\u0438\u0438 5.6 \u0437\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u044b\u043f\u0443\u0441\u043a\u0438 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u0430 \u0434\u043e 8.5.0 \u0432\u043a\u043b\u044e\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e). \u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a, \u043d\u0435 \u043f\u0440\u043e\u0448\u0435\u0434\u0448\u0438\u0439 \u043f\u0440\u043e\u0432\u0435\u0440\u043a\u0443 \u043f\u043e\u0434\u043b\u0438\u043d\u043d\u043e\u0441\u0442\u0438, \u043c\u043e\u0436\u0435\u0442 \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u044d\u0442\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c\u044e, \u0447\u0442\u043e\u0431\u044b \u0437\u0430\u043f\u0440\u0435\u0442\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u0440\u0435\u0441\u0443\u0440\u0441\u0430\u043c, \u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0438\u043b\u0438 \u043d\u0430 \u043d\u0435\u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0439 \u0441\u0440\u043e\u043a \u043d\u0430\u0440\u0443\u0448\u0430\u044f \u0440\u0430\u0431\u043e\u0442\u0443 \u0441\u043b\u0443\u0436\u0431 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0433\u043e \u0445\u043e\u0441\u0442\u0430, \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u043d\u043e\u0433\u043e \u043a \u0441\u0435\u0442\u0438.\n\nCVE-2023-28709 (CVSS 7,5), \u043e\u043f\u0438\u0441\u044b\u0432\u0430\u0435\u0442\u0441\u044f \u043a\u0430\u043a DoS-\u043e\u0448\u0438\u0431\u043a\u0430 \u043d\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0435 Apache Tomcat, \u0432\u043b\u0438\u044f\u044e\u0449\u0430\u044f \u043d\u0430 Bamboo. \u041f\u0440\u0438\u0447\u0435\u043c \u0432 Apache Tomcat \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u043f\u043e\u0442\u043e\u043c\u0443, \u0447\u0442\u043e \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0434\u0440\u0443\u0433\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, CVE-2023-24998, \u0431\u044b\u043b\u043e \u043d\u0435\u043f\u043e\u043b\u043d\u044b\u043c.\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043d\u044b\u0435 \u0434\u043b\u044f Jira, \u0443\u0441\u0442\u0440\u0430\u043d\u044f\u044e\u0442\u00a0CVE-2022-25647\u00a0(CVSS 7,5), \u043e\u0448\u0438\u0431\u043a\u0443 \u0434\u0435\u0441\u0435\u0440\u0438\u0430\u043b\u0438\u0437\u0430\u0446\u0438\u0438 \u0432 \u043f\u0430\u043a\u0435\u0442\u0435 Google Gson, \u0432\u043b\u0438\u044f\u044e\u0449\u0443\u044e \u043d\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u0435 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f\u043c\u0438 \u0432 Jira Service Management.\n\n\u0414\u0432\u0435 \u0441\u0435\u0440\u044c\u0435\u0437\u043d\u044b\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 \u0437\u0430\u043a\u0440\u044b\u0442\u044b ISC \u0432 Berkeley Internet Name Domain 9 (BIND).\n\nCVE-2023-3341\u00a0(CVSS: 7,5) \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0441\u043e\u0431\u043e\u0439 \u043e\u0448\u0438\u0431\u043a\u0443 \u0438\u0441\u0447\u0435\u0440\u043f\u0430\u043d\u0438\u044f \u0441\u0442\u0435\u043a\u0430 \u0432 \u043a\u043e\u0434\u0435 \u043a\u0430\u043d\u0430\u043b\u0430 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043d\u0435\u043e\u0436\u0438\u0434\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u044e \u0440\u0430\u0431\u043e\u0442\u044b \u043c\u0435\u0442\u043e\u0434\u0430 Name (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043e \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 9.16.44, 9.18.19, 9.19.17, 9.16.44-S1 \u0438 9.18, 19-S1).\n\n\u0414\u0440\u0443\u0433\u0430\u044f CVE-2023-4236\u00a0(CVSS: 7,5) - \u044d\u0442\u043e \u043e\u0448\u0438\u0431\u043a\u0430 \u0432 \u0441\u0435\u0442\u0435\u0432\u043e\u043c \u043a\u043e\u0434\u0435, \u043e\u0431\u0440\u0430\u0431\u0430\u0442\u044b\u0432\u0430\u044e\u0449\u0435\u043c \u0437\u0430\u043f\u0440\u043e\u0441\u044b DNS-over-TLS, \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043d\u0435\u043e\u0436\u0438\u0434\u0430\u043d\u043d\u043e\u043c\u0443 \u0437\u0430\u0432\u0435\u0440\u0448\u0435\u043d\u0438\u044e named. \u042d\u0442\u043e \u043f\u0440\u043e\u0438\u0441\u0445\u043e\u0434\u0438\u0442, \u043a\u043e\u0433\u0434\u0430 \u0432\u043d\u0443\u0442\u0440\u0435\u043d\u043d\u0438\u0435 \u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u044b \u0434\u0430\u043d\u043d\u044b\u0445 \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e \u043f\u043e\u0432\u0442\u043e\u0440\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u043f\u0440\u0438 \u0437\u043d\u0430\u0447\u0438\u0442\u0435\u043b\u044c\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0435 \u0437\u0430\u043f\u0440\u043e\u0441\u043e\u0432 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u0432\u0435\u0440\u0441\u0438\u044f\u0445 9.18.19 \u0438 9.18.19-S1).\n\n\u0414\u0430\u043d\u043d\u044b\u0445 \u043e\u0431 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 \u0437\u043b\u043e\u043d\u0430\u043c\u0435\u0440\u0435\u043d\u043d\u044b\u0445 \u0430\u0442\u0430\u043a\u0430\u0445 \u043d\u0435 \u0441\u043e\u043e\u0431\u0449\u0430\u0435\u0442\u0441\u044f.", "creation_timestamp": "2023-09-22T14:38:21.000000Z"} 2023-09-22T14:38:21+00:00 https://vulnerability.circl.lu/sighting/3556ed1f-0f00-4e7a-b355-a772680fd959/export 2026-05-31T05:33:42.770623+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "3556ed1f-0f00-4e7a-b355-a772680fd959", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24998", "type": "seen", "source": "https://t.me/ctinow/181421", "content": "https://ift.tt/nlTCLXO\nCVE-2023-24998 | Oracle Financial Services Compliance Studio 8.1.2.5 Reports denial of service", "creation_timestamp": "2024-02-08T15:11:40.000000Z"} 2024-02-08T15:11:40+00:00 https://vulnerability.circl.lu/sighting/42da9cb8-c8f0-4d2f-a5d5-f4fc1682a0b2/export 2026-05-31T05:33:42.770544+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "42da9cb8-c8f0-4d2f-a5d5-f4fc1682a0b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24998", "type": "seen", "source": "https://t.me/ctinow/181434", "content": "https://ift.tt/9wC6hkB\nCVE-2023-24998 | Oracle Financial Services Revenue Management and Billing 5.0.0/5.1.0 Pricing Services denial of service", "creation_timestamp": "2024-02-08T15:41:59.000000Z"} 2024-02-08T15:41:59+00:00 https://vulnerability.circl.lu/sighting/8ca884f2-fc9f-4966-9178-98967fe2d7b9/export 2026-05-31T05:33:42.770468+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "8ca884f2-fc9f-4966-9178-98967fe2d7b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24998", "type": "seen", "source": "https://t.me/ctinow/182499", "content": "https://ift.tt/BrtHjfK\nCVE-2023-24998 | Oracle Retail Customer Management and Segmentation Foundation Internal Operations denial of service", "creation_timestamp": "2024-02-10T09:41:18.000000Z"} 2024-02-10T09:41:18+00:00 https://vulnerability.circl.lu/sighting/8b226595-d624-49cb-b648-6891228d0420/export 2026-05-31T05:33:42.770354+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "8b226595-d624-49cb-b648-6891228d0420", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24998", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5963", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-27901\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Jenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 for CVE-2023-24998 in org.kohsuke.stapler.RequestImpl, allowing attackers to trigger a denial of service.\n\ud83d\udccf Published: 2023-03-08T17:14:50.696Z\n\ud83d\udccf Modified: 2025-02-28T18:45:56.466Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-3030", "creation_timestamp": "2025-02-28T19:27:10.000000Z"} 2025-02-28T19:27:10+00:00 https://vulnerability.circl.lu/sighting/78d8ee61-db97-4fba-ab87-eeff3af0205a/export 2026-05-31T05:33:42.770216+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "78d8ee61-db97-4fba-ab87-eeff3af0205a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24998", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5964", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-27900\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Jenkins 2.393 and earlier, LTS 2.375.3 and earlier uses the Apache Commons FileUpload library without specifying limits for the number of request parts introduced in version 1.5 for CVE-2023-24998 in hudson.util.MultipartFormDataParser, allowing attackers to trigger a denial of service.\n\ud83d\udccf Published: 2023-03-08T17:14:49.805Z\n\ud83d\udccf Modified: 2025-02-28T18:43:28.521Z\n\ud83d\udd17 References:\n1. https://www.jenkins.io/security/advisory/2023-03-08/#SECURITY-3030", "creation_timestamp": "2025-02-28T19:27:11.000000Z"} 2025-02-28T19:27:11+00:00 https://vulnerability.circl.lu/sighting/d762c960-848c-4bca-8228-4e13987181ed/export 2026-05-31T05:33:42.770061+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "d762c960-848c-4bca-8228-4e13987181ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24998", "type": "seen", "source": "Telegram/HCo7oBc9MuABAZ3fcQP6FO0F8XbROF3_F21Hr1OX3zJVvqUa", "content": "", "creation_timestamp": "2025-03-02T11:45:39.000000Z"} 2025-03-02T11:45:39+00:00 https://vulnerability.circl.lu/sighting/0e9c2b16-3b2a-439a-8f35-049ffcd7cf6f/export 2026-05-31T05:33:42.767801+00:00 Automation user https://vulnerability.circl.lu/user/automation {"uuid": "0e9c2b16-3b2a-439a-8f35-049ffcd7cf6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24998", "type": "seen", "source": "Telegram/9mU-T56rdJAAG8DZW4GTKg2vS2llhDO6biCeQxdJmLS-toX0", "content": "", "creation_timestamp": "2025-03-02T11:45:39.000000Z"} 2025-03-02T11:45:39+00:00