<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-05-04T12:42:01.374649+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the 10 most recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/133086b5-c295-4a57-bbe9-c7d1fa144373/export</id>
    <title>133086b5-c295-4a57-bbe9-c7d1fa144373</title>
    <updated>2026-05-04T12:42:01.744215+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "133086b5-c295-4a57-bbe9-c7d1fa144373", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27602", "type": "seen", "source": "https://t.me/cibsecurity/61736", "content": "\u203c CVE-2023-27602 \u203c\n\nIn Apache Linkis &lt;=1.3.1, The PublicService module uploads\u00a0files without restrictions on the path to the uploaded\u00a0files, and file types. We recommend users upgrade the version of Linkis to version 1.3.2.\u00a0 For versions &lt;=1.3.1, we suggest turning on the file path check switch in linkis.properties `wds.linkis.workspace.filesystem.owner.check=true` `wds.linkis.workspace.filesystem.path.check=true`\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-10T12:22:26.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/133086b5-c295-4a57-bbe9-c7d1fa144373/export"/>
    <published>2023-04-10T12:22:26+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ef47ee4e-91d9-41ea-a500-289f815674b6/export</id>
    <title>ef47ee4e-91d9-41ea-a500-289f815674b6</title>
    <updated>2026-05-04T12:42:01.743985+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "ef47ee4e-91d9-41ea-a500-289f815674b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27603", "type": "seen", "source": "https://t.me/cibsecurity/61737", "content": "\u203c CVE-2023-27603 \u203c\n\nIn Apache Linkis &lt;=1.3.1, due to the Manager module engineConn material upload does not check the zip path,\u00a0This is a Zip Slip issue, which will lead to a\u00a0potential RCE vulnerability. We recommend users upgrade the version of Linkis to version 1.3.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-10T12:22:27.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ef47ee4e-91d9-41ea-a500-289f815674b6/export"/>
    <published>2023-04-10T12:22:27+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3032536e-0252-4ae9-b223-6aa9f1137649/export</id>
    <title>3032536e-0252-4ae9-b223-6aa9f1137649</title>
    <updated>2026-05-04T12:42:01.743756+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3032536e-0252-4ae9-b223-6aa9f1137649", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2760", "type": "seen", "source": "https://t.me/cibsecurity/66803", "content": "\u203c CVE-2023-2760 \u203c\n\nAn SQL injection vulnerability exists in TapHome core HandleMessageUpdateDevicePropertiesRequest function before version 2023.2, allowing low privileged users to inject arbitrary SQL directives into an SQL query and execute arbitrary SQL commands and get full reading access. This may also lead to limited write access and temporary Denial-of-Service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-17T12:35:01.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3032536e-0252-4ae9-b223-6aa9f1137649/export"/>
    <published>2023-07-17T12:35:01+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/aee535ca-7597-46be-8f11-f2a3efbc89c2/export</id>
    <title>aee535ca-7597-46be-8f11-f2a3efbc89c2</title>
    <updated>2026-05-04T12:42:01.743500+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "aee535ca-7597-46be-8f11-f2a3efbc89c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27606", "type": "seen", "source": "https://t.me/cibsecurity/66806", "content": "\u203c CVE-2023-27606 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in Sajjad Hossain WP Reroute Email plugin &lt;=\u00a01.4.6 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-09T17:49:25.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/aee535ca-7597-46be-8f11-f2a3efbc89c2/export"/>
    <published>2023-08-09T17:49:25+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/2ec65e2d-a5c6-4c93-9962-9c762b353cec/export</id>
    <title>2ec65e2d-a5c6-4c93-9962-9c762b353cec</title>
    <updated>2026-05-04T12:42:01.743155+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "2ec65e2d-a5c6-4c93-9962-9c762b353cec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27604", "type": "seen", "source": "https://t.me/cibsecurity/69275", "content": "\u203c CVE-2023-27604 \u203c\n\nApache Airflow Sqoop Provider, versions before 4.0.0, is affected by a vulnerability that allows an attacker pass parameters with the connections, which makes it possible to implement RCE attacks via \u2018sqoop import --connect\u2019, obtain airflow server permissions, etc. The attacker needs to be logged in and have authorization (permissions) to create/edit connections. It is recommended to upgrade to a version that is not affected.This issue was reported independently by happyhacking-k, And Xie Jianming and LiuHui of Caiji Sec Team also reported it.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-28T13:14:48.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/2ec65e2d-a5c6-4c93-9962-9c762b353cec/export"/>
    <published>2023-08-28T13:14:48+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/cef4214b-b12b-4069-b5f0-34c23a4e7440/export</id>
    <title>cef4214b-b12b-4069-b5f0-34c23a4e7440</title>
    <updated>2026-05-04T12:42:01.739405+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "cef4214b-b12b-4069-b5f0-34c23a4e7440", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27609", "type": "seen", "source": "https://t.me/cvedetector/11543", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-27609 - NetTantra WP Roles Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2023-27609 \nPublished : Nov. 19, 2024, 10:15 p.m. | 39\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in NetTantra WP Roles at Registration allows Stored XSS.This issue affects WP Roles at Registration: from n/a through 0.23. \nSeverity: 5.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-20T00:22:07.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/cef4214b-b12b-4069-b5f0-34c23a4e7440/export"/>
    <published>2024-11-20T00:22:07+00:00</published>
  </entry>
</feed>
