<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-05-04T11:13:34.602366+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the 10 most recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/5e598c79-b5b2-4293-bef2-070442379443/export</id>
    <title>5e598c79-b5b2-4293-bef2-070442379443</title>
    <updated>2026-05-04T11:13:34.875073+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "5e598c79-b5b2-4293-bef2-070442379443", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5280", "type": "seen", "source": "https://t.me/cvedetector/809", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-5280 - The wp-affiliate-platform WordPress plugin before\", \n  \"Content\": \"CVE ID : CVE-2024-5280 \nPublished : July 13, 2024, 6:15 a.m. | 32\u00a0minutes ago \nDescription : The wp-affiliate-platform WordPress plugin before 6.5.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make non-logged in users execute an XSS payload via a CSRF attack \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-13T08:49:50.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/5e598c79-b5b2-4293-bef2-070442379443/export"/>
    <published>2024-07-13T08:49:50+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ed0be3e5-31a7-48d2-9eb7-87827b4f1b91/export</id>
    <title>ed0be3e5-31a7-48d2-9eb7-87827b4f1b91</title>
    <updated>2026-05-04T11:13:34.875006+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "ed0be3e5-31a7-48d2-9eb7-87827b4f1b91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52803", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113522000459979063", "content": "", "creation_timestamp": "2024-11-21T16:57:39.844704Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ed0be3e5-31a7-48d2-9eb7-87827b4f1b91/export"/>
    <published>2024-11-21T16:57:39.844704+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/9d695c57-c104-4041-b992-09c5582b254f/export</id>
    <title>9d695c57-c104-4041-b992-09c5582b254f</title>
    <updated>2026-05-04T11:13:34.874935+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "9d695c57-c104-4041-b992-09c5582b254f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52809", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113567706103109724", "content": "", "creation_timestamp": "2024-11-29T18:41:12.682798Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/9d695c57-c104-4041-b992-09c5582b254f/export"/>
    <published>2024-11-29T18:41:12.682798+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6e2a4c77-5863-436b-ace7-5841f3bee6f4/export</id>
    <title>6e2a4c77-5863-436b-ace7-5841f3bee6f4</title>
    <updated>2026-05-04T11:13:34.874861+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6e2a4c77-5863-436b-ace7-5841f3bee6f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52800", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9255", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aGHSA-4cx5-89vm-833x/CVE-2024-52800\nURL\uff1ahttps://github.com/JAckLosingHeart/GHSA-4cx5-89vm-833x-POC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-30T06:58:11.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6e2a4c77-5863-436b-ace7-5841f3bee6f4/export"/>
    <published>2024-11-30T06:58:11+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/366e1d0f-5e76-48da-9970-7acfc80bce85/export</id>
    <title>366e1d0f-5e76-48da-9970-7acfc80bce85</title>
    <updated>2026-05-04T11:13:34.874773+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "366e1d0f-5e76-48da-9970-7acfc80bce85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52806", "type": "seen", "source": "https://t.me/cvedetector/11805", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52806 - SimpleSAMLphp SAML2 XXE Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-52806 \nPublished : Dec. 2, 2024, 5:15 p.m. | 51\u00a0minutes ago \nDescription : SimpleSAMLphp SAML2 library is a PHP library for SAML2 related functionality. When loading an (untrusted) XML document, for example the SAMLResponse, it's possible to induce an XXE. This vulnerability is fixed in 4.6.14 and 5.0.0-alpha.18. \nSeverity: 8.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-02T19:35:47.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/366e1d0f-5e76-48da-9970-7acfc80bce85/export"/>
    <published>2024-12-02T19:35:47+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/8e28693b-d58a-412d-98a6-64d2ad9de9f5/export</id>
    <title>8e28693b-d58a-412d-98a6-64d2ad9de9f5</title>
    <updated>2026-05-04T11:13:34.874654+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "8e28693b-d58a-412d-98a6-64d2ad9de9f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52805", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113589996255229449", "content": "", "creation_timestamp": "2024-12-03T17:09:53.082041Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/8e28693b-d58a-412d-98a6-64d2ad9de9f5/export"/>
    <published>2024-12-03T17:09:53.082041+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a45558ea-8840-4f4c-ad07-5cb1452cdc3b/export</id>
    <title>a45558ea-8840-4f4c-ad07-5cb1452cdc3b</title>
    <updated>2026-05-04T11:13:34.874520+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a45558ea-8840-4f4c-ad07-5cb1452cdc3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52805", "type": "seen", "source": "https://t.me/cvedetector/11904", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52805 - Synapse is an open-source Matrix homeserver. In Sy\", \n  \"Content\": \"CVE ID : CVE-2024-52805 \nPublished : Dec. 3, 2024, 5:15 p.m. | 2\u00a0hours ago \nDescription : Synapse is an open-source Matrix homeserver. In Synapse before 1.120.1, multipart/form-data requests can in certain configurations transiently increase memory consumption beyond expected levels while processing the request, which can be used to amplify denial of service attacks. Synapse 1.120.1 resolves the issue by denying requests with unsupported multipart/form-data content type. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-03T20:40:50.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a45558ea-8840-4f4c-ad07-5cb1452cdc3b/export"/>
    <published>2024-12-03T20:40:50+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/1c178b22-988c-40be-a9ac-22e7f032a643/export</id>
    <title>1c178b22-988c-40be-a9ac-22e7f032a643</title>
    <updated>2026-05-04T11:13:34.874392+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "1c178b22-988c-40be-a9ac-22e7f032a643", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52807", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113885058909709347", "content": "", "creation_timestamp": "2025-01-24T19:48:48.062393Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/1c178b22-988c-40be-a9ac-22e7f032a643/export"/>
    <published>2025-01-24T19:48:48.062393+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/92dcf670-be15-4ce8-a3f2-f642d3de999a/export</id>
    <title>92dcf670-be15-4ce8-a3f2-f642d3de999a</title>
    <updated>2026-05-04T11:13:34.874215+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "92dcf670-be15-4ce8-a3f2-f642d3de999a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52807", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3008", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-52807\n\ud83d\udd39 Description: The HL7 FHIR IG publisher is a tool to take a set of inputs and create a standard FHIR IG. Prior to version 1.7.4, XSLT transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag `( ]&amp;gt;` could produce XML containing data from the host system. This impacts use cases where org.hl7.fhir.publisher is being used to within a host where external clients can submit XML. A previous release provided an incomplete solution revealed by new testing. This issue has been patched as of version 1.7.4. No known workarounds are available.\n\ud83d\udccf Published: 2025-01-24T18:34:23.255Z\n\ud83d\udccf Modified: 2025-01-24T19:42:52.498Z\n\ud83d\udd17 References:\n1. https://github.com/HL7/fhir-ig-publisher/security/advisories/GHSA-8c3x-hq82-gjcm\n2. https://github.com/HL7/fhir-ig-publisher/compare/1.7.3...1.7.4", "creation_timestamp": "2025-01-24T20:04:51.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/92dcf670-be15-4ce8-a3f2-f642d3de999a/export"/>
    <published>2025-01-24T20:04:51+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/0fcc452a-b5cd-439d-b932-8ff521adc411/export</id>
    <title>0fcc452a-b5cd-439d-b932-8ff521adc411</title>
    <updated>2026-05-04T11:13:34.872337+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "0fcc452a-b5cd-439d-b932-8ff521adc411", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52807", "type": "seen", "source": "https://t.me/cvedetector/16340", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52807 - Apache FHIR IG Publisher XML External Entity Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-52807 \nPublished : Jan. 24, 2025, 7:15 p.m. | 38\u00a0minutes ago \nDescription : The HL7 FHIR IG publisher is a tool to take a set of inputs and create a standard FHIR IG. Prior to version 1.7.4, XSLT transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag `( ]&amp;gt;` could produce XML containing data from the host system. This impacts use cases where org.hl7.fhir.publisher is being used to within a host where external clients can submit XML. A previous release provided an incomplete solution revealed by new testing. This issue has been patched as of version 1.7.4. No known workarounds are available. \nSeverity: 8.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-24T21:06:18.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/0fcc452a-b5cd-439d-b932-8ff521adc411/export"/>
    <published>2025-01-24T21:06:18+00:00</published>
  </entry>
</feed>
