https://vulnerability.circl.lu/sightings/feed 2026-05-10T17:26:53.824130+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/0a742597-c655-4d96-87ef-0d4d658d498a/export 2026-05-10T17:26:54.129843+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "0a742597-c655-4d96-87ef-0d4d658d498a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43532", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11314", "content": "#Red_Team_Tactics\n1. Bypassing UAC with SSPI Datagram Contexts\nhttps://github.com/antonioCoco/SspiUacBypass\n2. Call and Register - Relay Attack on WinReg RPC Client\nhttps://www.akamai.com/blog/security-research/winreg-relay-vulnerability\n]-> https://github.com/akamai/akamai-security-research/tree/main/PoCs/cve-2024-43532", "creation_timestamp": "2024-10-23T00:48:15.000000Z"} 2024-10-23T00:48:15+00:00 https://vulnerability.circl.lu/sighting/7cb06914-1445-4bad-a1d5-55b6cc0d9e52/export 2026-05-10T17:26:54.129736+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "7cb06914-1445-4bad-a1d5-55b6cc0d9e52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43532", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/603", "content": "https://www.akamai.com/blog/security-research/winreg-relay-vulnerability\n\nCall and Register \u2014 Relay Attack on WinReg RPC Client\n\nhttps://github.com/akamai/akamai-security-research/tree/main/PoCs/cve-2024-43532\n\n#\u5206\u6790 #github #poc", "creation_timestamp": "2024-10-23T19:29:44.000000Z"} 2024-10-23T19:29:44+00:00 https://vulnerability.circl.lu/sighting/e850046f-6c69-4994-867e-9a7abbd08a24/export 2026-05-10T17:26:54.129646+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "e850046f-6c69-4994-867e-9a7abbd08a24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43532", "type": "published-proof-of-concept", "source": "https://t.me/paiddpam/5692", "content": "\ud83d\udd14Call and Register \u2014 Relay Attack on WinReg RPC Client\n\nA critical vulnerability (CVE-2024-43532) has been identified in Microsoft\u2019s Remote Registry client. This flaw allows attackers to exploit insecure fallback mechanisms in the WinReg client, enabling them to relay authentication details and make unauthorized certificate requests through Active Directory Certificate Services (ADCS).\n\n\ud83d\udd17 Research:\nhttps://www.akamai.com/blog/security-research/winreg-relay-vulnerability\n\n\ud83d\udd17 RPC Visibility Tool:\nhttps://github.com/akamai/akamai-security-research/tree/main/rpc_toolkit/rpc_visibility\n\n\ud83d\udd17 PoC: \nhttps://github.com/akamai/akamai-security-research/tree/main/PoCs/cve-2024-43532\n\n#ad #adcs #rpc #ntlm #relay #etw #advapi", "creation_timestamp": "2024-10-26T07:01:58.000000Z"} 2024-10-26T07:01:58+00:00 https://vulnerability.circl.lu/sighting/7d086bea-91b3-4cef-96b0-e71b582d2fa5/export 2026-05-10T17:26:54.129559+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "7d086bea-91b3-4cef-96b0-e71b582d2fa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43532", "type": "published-proof-of-concept", "source": "Telegram/74XbNTyUwF2B4MXU61M5oBrjYfLE_ydB7RIx5kz_w3oA1w", "content": "", "creation_timestamp": "2024-10-26T07:01:58.000000Z"} 2024-10-26T07:01:58+00:00 https://vulnerability.circl.lu/sighting/07b55f17-8640-475c-b6c7-e721014a9944/export 2026-05-10T17:26:54.129467+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "07b55f17-8640-475c-b6c7-e721014a9944", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43532", "type": "seen", "source": "https://infosec.exchange/users/0patch/statuses/113470701686773635", "content": "", "creation_timestamp": "2024-11-12T15:31:51.390593Z"} 2024-11-12T15:31:51.390593+00:00 https://vulnerability.circl.lu/sighting/037fa9ed-73c6-41e0-ac8f-241780a12850/export 2026-05-10T17:26:54.129358+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "037fa9ed-73c6-41e0-ac8f-241780a12850", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43530", "type": "seen", "source": "https://www.thezdi.com/blog/2024/11/12/the-november-2024-security-update-review", "content": "", "creation_timestamp": "2024-11-12T18:26:35.000000Z"} 2024-11-12T18:26:35+00:00 https://vulnerability.circl.lu/sighting/667236bb-42a0-4f91-a4d0-ed011137eb28/export 2026-05-10T17:26:54.129269+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "667236bb-42a0-4f91-a4d0-ed011137eb28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43530", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113471445573585064", "content": "", "creation_timestamp": "2024-11-12T18:40:53.282604Z"} 2024-11-12T18:40:53.282604+00:00 https://vulnerability.circl.lu/sighting/7b64ae56-612c-4ee9-abd3-b78c3f10fab2/export 2026-05-10T17:26:54.129157+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "7b64ae56-612c-4ee9-abd3-b78c3f10fab2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4353", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2248", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-4353\n\ud83d\udd39 Description: Concrete CMS versions 9.0.0 through 9.3.2 are affected by a stored XSS vulnerability in the generate dashboard board\ninstance functionality. The Name input field does not check the input sufficiently letting a rogue administrator have the capability to inject malicious\nJavaScript code. The Concrete CMS security team gave this vulnerability\u00a0a CVSS v4 score of 4.6 with a vector of CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N. Concrete versions below 9 are not affected by this vulnerability.Thanks fhAnso for reporting. (CNA updated this risk rank on 17 Jan 2025 by lowering the AC based on CVSS 4.0 documentation that access privileges should not be considered for AC).\n\ud83d\udccf Published: 2024-08-01T18:23:31.033Z\n\ud83d\udccf Modified: 2025-01-17T21:55:57.746Z\n\ud83d\udd17 References:\n1. https://github.com/concretecms/concretecms/pull/12151\n2. https://documentation.concretecms.org/9-x/developers/introduction/version-history/933-release-notes", "creation_timestamp": "2025-01-17T22:57:15.000000Z"} 2025-01-17T22:57:15+00:00 https://vulnerability.circl.lu/sighting/44cee7d4-d612-42ce-a3b4-4aa51786ed0c/export 2026-05-10T17:26:54.129007+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "44cee7d4-d612-42ce-a3b4-4aa51786ed0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43535", "type": "published-proof-of-concept", "source": "Telegram/Mu4J56rbgMxUjpsQgufxtJwNSOwCf2oGVYYwILA_0otXlrE", "content": "", "creation_timestamp": "2025-06-07T15:00:07.000000Z"} 2025-06-07T15:00:07+00:00 https://vulnerability.circl.lu/sighting/a322bd91-f9e8-4016-bc37-85e78162f2e4/export 2026-05-10T17:26:54.125650+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "a322bd91-f9e8-4016-bc37-85e78162f2e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43535", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3ltciwauyqm2a", "content": "", "creation_timestamp": "2025-07-06T14:41:20.984939Z"} 2025-07-06T14:41:20.984939+00:00