https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-05-10T06:10:24.500689+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/1cb9cd76-802c-43f3-9352-e4945961c9c8/export1cb9cd76-802c-43f3-9352-e4945961c9c82026-05-10T06:10:24.823705+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "1cb9cd76-802c-43f3-9352-e4945961c9c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42811", "type": "seen", "source": "https://t.me/cibsecurity/70953", "content": "\u203c CVE-2023-42811 \u203c\n\naes-gcm is a pure Rust implementation of the AES-GCM. Starting in version 0.10.0 and prior to version 0.10.3, in the AES GCM implementation of decrypt_in_place_detached, the decrypted ciphertext (i.e. the correct plaintext) is exposed even if tag verification fails. If a program using the `aes-gcm` crate's `decrypt_in_place*` APIs accesses the buffer after decryption failure, it will contain a decryption of an unauthenticated input. Depending on the specific nature of the program this may enable Chosen Ciphertext Attacks (CCAs) which can cause a catastrophic breakage of the cipher including full plaintext recovery. Version 0.10.3 contains a fix for this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-22T20:31:55.000000Z"}2023-09-22T20:31:55+00:00https://vulnerability.circl.lu/sighting/3347b8b9-d2f9-4397-bc84-895ad8ddb5e8/export3347b8b9-d2f9-4397-bc84-895ad8ddb5e82026-05-10T06:10:24.823606+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "3347b8b9-d2f9-4397-bc84-895ad8ddb5e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42812", "type": "seen", "source": "https://t.me/cibsecurity/70954", "content": "\u203c CVE-2023-42812 \u203c\n\nGalaxy is an open-source platform for FAIR data analysis. Prior to version 22.05, Galaxy is vulnerable to server-side request forgery, which allows a malicious to issue arbitrary HTTP/HTTPS requests from the application server to internal hosts and read their responses. Version 22.05 contains a patch for this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-22T20:31:56.000000Z"}2023-09-22T20:31:56+00:00https://vulnerability.circl.lu/sighting/0e2e3d3c-4e49-4813-9477-6d7ec63b9a76/export0e2e3d3c-4e49-4813-9477-6d7ec63b9a762026-05-10T06:10:24.823509+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "0e2e3d3c-4e49-4813-9477-6d7ec63b9a76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4281", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5198", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aRepository for CVE-2023-4281 vulnerability. \nURL\uff1ahttps://github.com/b0marek/CVE-2023-4281\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-24T12:27:29.000000Z"}2023-09-24T12:27:29+00:00https://vulnerability.circl.lu/sighting/e8ab1579-0b44-4f05-af85-8a0d31e50689/exporte8ab1579-0b44-4f05-af85-8a0d31e506892026-05-10T06:10:24.823424+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "e8ab1579-0b44-4f05-af85-8a0d31e50689", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4281", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5199", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aRepository for CVE-2023-4281 vulnerability. \nURL\uff1ahttps://github.com/r3dcl1ff/CVE-2023-36844_Juniper_RCE\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-24T13:31:46.000000Z"}2023-09-24T13:31:46+00:00https://vulnerability.circl.lu/sighting/3e41770d-9291-48d8-9958-e14e9c74ba30/export3e41770d-9291-48d8-9958-e14e9c74ba302026-05-10T06:10:24.823326+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "3e41770d-9291-48d8-9958-e14e9c74ba30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42817", "type": "seen", "source": "https://t.me/cibsecurity/71009", "content": "\u203c CVE-2023-42817 \u203c\n\nPimcore admin-ui-classic-bundle provides a Backend UI for Pimcore. The translation value with text including \u00e2\u20ac\u0153%s\u00e2\u20ac\ufffd (from \u00e2\u20ac\u0153%suggest%) is parsed by sprintf() even though it\u00e2\u20ac\u2122s supposed to be output literally to the user. The translations may be accessible by a user with comparatively lower overall access (as the translation permission cannot be scoped to certain \u00e2\u20ac\u0153modules\u00e2\u20ac\ufffd) and a skilled attacker might be able to exploit the parsing of the translation string in the dialog box. This issue has been patched in commit `abd77392` which is included in release 1.1.2. Users are advised to update to version 1.1.2 or apply the patch manually.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-25T22:39:31.000000Z"}2023-09-25T22:39:31+00:00https://vulnerability.circl.lu/sighting/500b90b5-6bbe-4e18-a804-9eba74e18494/export500b90b5-6bbe-4e18-a804-9eba74e184942026-05-10T06:10:24.823224+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "500b90b5-6bbe-4e18-a804-9eba74e18494", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42818", "type": "seen", "source": "https://t.me/cibsecurity/71156", "content": "\u203c CVE-2023-42818 \u203c\n\nJumpServer is an open source bastion host. When users enable MFA and use a public key for authentication, the Koko SSH server does not verify the corresponding SSH private key. An attacker could exploit a vulnerability by utilizing a disclosed public key to attempt brute-force authentication against the SSH service This issue has been patched in versions 3.6.5 and 3.5.6. Users are advised to upgrade. There are no known workarounds for this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-28T00:41:53.000000Z"}2023-09-28T00:41:53+00:00https://vulnerability.circl.lu/sighting/a42de083-20da-4b82-98a6-0ea98d64a3e2/exporta42de083-20da-4b82-98a6-0ea98d64a3e22026-05-10T06:10:24.823131+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "a42de083-20da-4b82-98a6-0ea98d64a3e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42819", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5382", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-42819\nURL\uff1ahttps://github.com/C1ph3rX13/CVE-2023-42819\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-12T08:59:17.000000Z"}2023-10-12T08:59:17+00:00https://vulnerability.circl.lu/sighting/9a0a197b-4f59-4719-8177-2077f8dd19cd/export9a0a197b-4f59-4719-8177-2077f8dd19cd2026-05-10T06:10:24.823028+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "9a0a197b-4f59-4719-8177-2077f8dd19cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42819", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9902", "content": "#exploit\n1. CVE-2023-42820,\nCVE-2023-42820,\nCVE-2023-42819:\nJumpserver Preauth RCE Exploit Chain\nhttps://sites.google.com/site/zhiniangpeng/blogs/Jumpserver\n\n2. CVE-2024-20931:\nA new attack surface for JNDI injection\nhttps://github.com/GlassyAmadeus/CVE-2024-20931\n\n3. CVE-2024-22899 - 22903:\nExploit Chain for Multiple Vulnerabilities in VinChin Backup & Recovery\nhttps://github.com/Chocapikk/CVE-2024-22899-to-22903-ExploitChain", "creation_timestamp": "2024-02-07T20:22:24.000000Z"}2024-02-07T20:22:24+00:00https://vulnerability.circl.lu/sighting/ffa4472b-4d6b-42be-9b62-988aee74d27b/exportffa4472b-4d6b-42be-9b62-988aee74d27b2026-05-10T06:10:24.822870+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "ffa4472b-4d6b-42be-9b62-988aee74d27b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42819", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2706", "content": "#exploit\n1. CVE-2023-42820,\nCVE-2023-42820,\nCVE-2023-42819:\nJumpserver Preauth RCE Exploit Chain\nhttps://sites.google.com/site/zhiniangpeng/blogs/Jumpserver\n\n2. CVE-2024-20931:\nA new attack surface for JNDI injection\nhttps://github.com/GlassyAmadeus/CVE-2024-20931\n\n3. CVE-2024-22899 - 22903:\nExploit Chain for Multiple Vulnerabilities in VinChin Backup & Recovery\nhttps://github.com/Chocapikk/CVE-2024-22899-to-22903-ExploitChain", "creation_timestamp": "2024-08-16T09:13:13.000000Z"}2024-08-16T09:13:13+00:00https://vulnerability.circl.lu/sighting/84726bd5-48b5-45b6-933d-e7dcdf6e8ed0/export84726bd5-48b5-45b6-933d-e7dcdf6e8ed02026-05-10T06:10:24.819384+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "84726bd5-48b5-45b6-933d-e7dcdf6e8ed0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-42811", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18748", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-42811\n\ud83d\udd25 CVSS Score: 4.7 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:N)\n\ud83d\udd39 Description: aes-gcm is a pure Rust implementation of the AES-GCM. Starting in version 0.10.0 and prior to version 0.10.3, in the AES GCM implementation of decrypt_in_place_detached, the decrypted ciphertext (i.e. the correct plaintext) is exposed even if tag verification fails. If a program using the `aes-gcm` crate's `decrypt_in_place*` APIs accesses the buffer after decryption failure, it will contain a decryption of an unauthenticated input. Depending on the specific nature of the program this may enable Chosen Ciphertext Attacks (CCAs) which can cause a catastrophic breakage of the cipher including full plaintext recovery. Version 0.10.3 contains a fix for this issue.\n\ud83d\udccf Published: 2023-09-22T15:19:15.445Z\n\ud83d\udccf Modified: 2025-06-18T14:22:56.534Z\n\ud83d\udd17 References:\n1. https://github.com/RustCrypto/AEADs/security/advisories/GHSA-423w-p2w9-r7vq\n2. https://docs.rs/aes-gcm/latest/src/aes_gcm/lib.rs.html#309\n3. https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RYQCICN6BVC6I75O3F6W4VK4J3MOYDJU/\n4. https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/U67ZSMNX5V3WTBYPUYF45PSFG4SF5SGF/\n5. https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ROBB6TBDAGEQ2WIINR34F3DPSN3FND6K/", "creation_timestamp": "2025-06-18T14:41:48.000000Z"}2025-06-18T14:41:48+00:00