https://vulnerability.circl.lu/sightings/feed 2026-05-06T18:45:04.342704+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/90056fc2-cb0a-458a-b44a-45e4be9282eb/export 2026-05-06T18:45:04.567771+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "90056fc2-cb0a-458a-b44a-45e4be9282eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23689", "type": "seen", "source": "https://t.me/ctinow/185771", "content": "https://ift.tt/MY1XHdz\nCVE-2024-23689 | ClichHouse r2dbc/jdbc/client up to 0.4.5 information exposure (ID 1331)", "creation_timestamp": "2024-02-15T18:57:01.000000Z"} 2024-02-15T18:57:01+00:00 https://vulnerability.circl.lu/sighting/7893a226-aae7-4ff6-b62b-0d948f23fba4/export 2026-05-06T18:45:04.567693+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "7893a226-aae7-4ff6-b62b-0d948f23fba4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23684", "type": "seen", "source": "https://t.me/ctinow/185772", "content": "https://ift.tt/lUxwbnk\nCVE-2024-23684 | com.upokecenter.cbor up to 4.5.1 DecodeFromBytes algorithmic complexity (GHSA-fj2w-wfgv-mwq6)", "creation_timestamp": "2024-02-15T18:57:03.000000Z"} 2024-02-15T18:57:03+00:00 https://vulnerability.circl.lu/sighting/2288da8d-033f-4a80-ab40-8ff2acde191a/export 2026-05-06T18:45:04.567615+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "2288da8d-033f-4a80-ab40-8ff2acde191a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23688", "type": "seen", "source": "https://t.me/ctinow/185773", "content": "https://ift.tt/AylvtHn\nCVE-2024-23688 | Consensys Discovery up to 0.4.4 AES Handler/GCM nonce re-use (GHSA-w3hj-wr2q-x83g)", "creation_timestamp": "2024-02-15T18:57:04.000000Z"} 2024-02-15T18:57:04+00:00 https://vulnerability.circl.lu/sighting/5caac75d-7e2a-4142-81e8-eb4b1abfe8d0/export 2026-05-06T18:45:04.567529+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "5caac75d-7e2a-4142-81e8-eb4b1abfe8d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23686", "type": "seen", "source": "https://t.me/ctinow/185829", "content": "https://ift.tt/BP6c9yg\nCVE-2024-23686 | DependencyCheck up to 9.0.5/9.0.6 on Maven/CLI/Ant Debug Mode log file (GHSA-qqhq-8r2c-c3f5)", "creation_timestamp": "2024-02-15T19:56:24.000000Z"} 2024-02-15T19:56:24+00:00 https://vulnerability.circl.lu/sighting/10a0a0a9-78a2-4ec5-963a-5798a97657dd/export 2026-05-06T18:45:04.567443+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "10a0a0a9-78a2-4ec5-963a-5798a97657dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23687", "type": "seen", "source": "https://t.me/ctinow/185830", "content": "https://ift.tt/2fDjhVQ\nCVE-2024-23687 | Folio mod-data-export-spring versions up to 1.5.3/2.0.1 API hard-coded credentials (GHSA-vf78-3q9f-92g3)", "creation_timestamp": "2024-02-15T19:56:25.000000Z"} 2024-02-15T19:56:25+00:00 https://vulnerability.circl.lu/sighting/088ff45d-84de-4db3-b518-74be35da50a8/export 2026-05-06T18:45:04.567357+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "088ff45d-84de-4db3-b518-74be35da50a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23681", "type": "seen", "source": "https://t.me/ctinow/185831", "content": "https://ift.tt/4uLiwOB\nCVE-2024-23681 | Artemis Java Test Sandbox up to 1.11.1 sandbox (GHSA-98hq-4wmw-98w9)", "creation_timestamp": "2024-02-15T19:56:26.000000Z"} 2024-02-15T19:56:26+00:00 https://vulnerability.circl.lu/sighting/53bcbb93-fc8d-498d-a85c-3ac835eb6f42/export 2026-05-06T18:45:04.567267+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "53bcbb93-fc8d-498d-a85c-3ac835eb6f42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23688", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19026", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23688\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Consensys Discovery versions less than 0.4.5 uses the same AES/GCM nonce for the entire session. which should ideally be unique for every message. The node's private key isn't compromised, only the session key generated for specific peer communication is exposed.\n\n\n\ud83d\udccf Published: 2024-01-19T21:26:35.282Z\n\ud83d\udccf Modified: 2025-06-20T18:28:31.476Z\n\ud83d\udd17 References:\n1. https://github.com/ConsenSys/discovery/security/advisories/GHSA-w3hj-wr2q-x83g\n2. https://github.com/advisories/GHSA-w3hj-wr2q-x83g\n3. https://vulncheck.com/advisories/vc-advisory-GHSA-w3hj-wr2q-x83g", "creation_timestamp": "2025-06-20T18:42:20.000000Z"} 2025-06-20T18:42:20+00:00 https://vulnerability.circl.lu/sighting/9253a3fa-38fb-40db-ab47-15c35cb676a8/export 2026-05-06T18:45:04.567174+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "9253a3fa-38fb-40db-ab47-15c35cb676a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23684", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19027", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23684\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise Binary Object Representation (CBOR) versions 4.0.0 to 4.5.1 allows an attacker to cause a denial of service by passing a maliciously crafted input. Depending on an application's use of this library, this may be a remote attacker.\n\n\n\ud83d\udccf Published: 2024-01-19T20:59:02.723Z\n\ud83d\udccf Modified: 2025-06-20T18:27:45.342Z\n\ud83d\udd17 References:\n1. https://github.com/peteroupc/CBOR-Java/security/advisories/GHSA-fj2w-wfgv-mwq6\n2. https://github.com/advisories/GHSA-fj2w-wfgv-mwq6\n3. https://vulncheck.com/advisories/vc-advisory-GHSA-fj2w-wfgv-mwq6", "creation_timestamp": "2025-06-20T18:42:21.000000Z"} 2025-06-20T18:42:21+00:00 https://vulnerability.circl.lu/sighting/2a8a529f-3fa4-48a3-bc1c-666c2dd91b6e/export 2026-05-06T18:45:04.567050+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "2a8a529f-3fa4-48a3-bc1c-666c2dd91b6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23683", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19028", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23683\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Artemis Java Test Sandbox versions less than 1.7.6 are vulnerable to a sandbox escape when an attacker crafts a special subclass of InvocationTargetException. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.\n\n\n\n\n\n\n\ud83d\udccf Published: 2024-01-19T20:48:42.271Z\n\ud83d\udccf Modified: 2025-06-20T18:26:59.260Z\n\ud83d\udd17 References:\n1. https://github.com/ls1intum/Ares/security/advisories/GHSA-883x-6fch-6wjx\n2. https://github.com/ls1intum/Ares/issues/15#issuecomment-996449371\n3. https://github.com/ls1intum/Ares/commit/af4f28a56e2fe600d8750b3b415352a0a3217392\n4. https://github.com/ls1intum/Ares/releases/tag/1.7.6\n5. https://github.com/advisories/GHSA-883x-6fch-6wjx\n6. https://vulncheck.com/advisories/vc-advisory-GHSA-883x-6fch-6wjx", "creation_timestamp": "2025-06-20T18:42:22.000000Z"} 2025-06-20T18:42:22+00:00 https://vulnerability.circl.lu/sighting/46c8a1cd-7eb8-4c57-a8ce-86cd6face905/export 2026-05-06T18:45:04.564322+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "46c8a1cd-7eb8-4c57-a8ce-86cd6face905", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23682", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19029", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23682\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Artemis Java Test Sandbox versions before 1.8.0 are vulnerable to a sandbox escape when an attacker includes class files in a package that Ares trusts. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.\n\n\n\n\ud83d\udccf Published: 2024-01-19T20:13:55.453Z\n\ud83d\udccf Modified: 2025-06-20T18:25:03.328Z\n\ud83d\udd17 References:\n1. https://github.com/ls1intum/Ares/security/advisories/GHSA-227w-wv4j-67h4\n2. https://github.com/ls1intum/Ares/issues/15\n3. https://github.com/ls1intum/Ares/releases/tag/1.8.0\n4. https://github.com/advisories/GHSA-227w-wv4j-67h4\n5. https://vulncheck.com/advisories/vc-advisory-GHSA-227w-wv4j-67h4", "creation_timestamp": "2025-06-20T18:42:23.000000Z"} 2025-06-20T18:42:23+00:00