https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 06 May 2026 16:23:31 +0000 https://vulnerability.circl.lu/sighting/5af2700e-1bd1-433e-bb68-f10e4844c126/export {"uuid": "5af2700e-1bd1-433e-bb68-f10e4844c126", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32190", "type": "seen", "source": "https://t.me/cvedetector/8051", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-32190 - Apache Mlocate File Permission Vulnerability (Directory Information Disclosure/Path Traversal)\", \n \"Content\": \"CVE ID : CVE-2023-32190 \nPublished : Oct. 16, 2024, 12:15 p.m. | 17\u00a0minutes ago \nDescription : mlocate's %post script allows RUN_UPDATEDB_AS user to make arbitrary files world readable by abusing insecure file operations that run with root privileges. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T14:41:32.000000Z"} {"uuid": "5af2700e-1bd1-433e-bb68-f10e4844c126", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32190", "type": "seen", "source": "https://t.me/cvedetector/8051", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-32190 - Apache Mlocate File Permission Vulnerability (Directory Information Disclosure/Path Traversal)\", \n \"Content\": \"CVE ID : CVE-2023-32190 \nPublished : Oct. 16, 2024, 12:15 p.m. | 17\u00a0minutes ago \nDescription : mlocate's %post script allows RUN_UPDATEDB_AS user to make arbitrary files world readable by abusing insecure file operations that run with root privileges. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T14:41:32.000000Z"} https://vulnerability.circl.lu/sighting/5af2700e-1bd1-433e-bb68-f10e4844c126/export Wed, 16 Oct 2024 14:41:32 +0000 https://vulnerability.circl.lu/sighting/daed44c3-9447-4b67-b424-b7b9e6927c1c/export {"uuid": "daed44c3-9447-4b67-b424-b7b9e6927c1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32196", "type": "seen", "source": "https://t.me/cvedetector/8056", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-32196 - Adobe Experience Manager RoleTemplate privilege escalation vulnerability\", \n \"Content\": \"CVE ID : CVE-2023-32196 \nPublished : Oct. 16, 2024, 1:15 p.m. | 39\u00a0minutes ago \nDescription : A vulnerability has been identified whereby privilege escalation checks are not properly enforced for RoleTemplateobjects when external=true, which in specific scenarios can lead to privilege escalation. \nSeverity: 6.6 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T16:22:52.000000Z"} {"uuid": "daed44c3-9447-4b67-b424-b7b9e6927c1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32196", "type": "seen", "source": "https://t.me/cvedetector/8056", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-32196 - Adobe Experience Manager RoleTemplate privilege escalation vulnerability\", \n \"Content\": \"CVE ID : CVE-2023-32196 \nPublished : Oct. 16, 2024, 1:15 p.m. | 39\u00a0minutes ago \nDescription : A vulnerability has been identified whereby privilege escalation checks are not properly enforced for RoleTemplateobjects when external=true, which in specific scenarios can lead to privilege escalation. \nSeverity: 6.6 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T16:22:52.000000Z"} https://vulnerability.circl.lu/sighting/daed44c3-9447-4b67-b424-b7b9e6927c1c/export Wed, 16 Oct 2024 16:22:52 +0000 https://vulnerability.circl.lu/sighting/46003837-a05b-4d2e-bd05-0675502f1613/export {"uuid": "46003837-a05b-4d2e-bd05-0675502f1613", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32191", "type": "seen", "source": "https://t.me/cvedetector/8060", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-32191 - RKE Cluster State Escalation Vulnerability\", \n \"Content\": \"CVE ID : CVE-2023-32191 \nPublished : Oct. 16, 2024, 1:15 p.m. | 39\u00a0minutes ago \nDescription : When RKE provisions a cluster, it stores the cluster state in a configmap called `full-cluster-state` inside the `kube-system` namespace of the cluster itself. The information available in there allows non-admin users to escalate to admin. \nSeverity: 9.9 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T16:22:57.000000Z"} {"uuid": "46003837-a05b-4d2e-bd05-0675502f1613", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32191", "type": "seen", "source": "https://t.me/cvedetector/8060", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-32191 - RKE Cluster State Escalation Vulnerability\", \n \"Content\": \"CVE ID : CVE-2023-32191 \nPublished : Oct. 16, 2024, 1:15 p.m. | 39\u00a0minutes ago \nDescription : When RKE provisions a cluster, it stores the cluster state in a configmap called `full-cluster-state` inside the `kube-system` namespace of the cluster itself. The information available in there allows non-admin users to escalate to admin. \nSeverity: 9.9 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T16:22:57.000000Z"} https://vulnerability.circl.lu/sighting/46003837-a05b-4d2e-bd05-0675502f1613/export Wed, 16 Oct 2024 16:22:57 +0000 https://vulnerability.circl.lu/sighting/69e8353e-d0b4-4588-99f0-a59ed40ca19a/export {"uuid": "69e8353e-d0b4-4588-99f0-a59ed40ca19a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32192", "type": "seen", "source": "https://t.me/cvedetector/8061", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-32192 - Apache API Server Cross-Site Scripting (XSS)\", \n \"Content\": \"CVE ID : CVE-2023-32192 \nPublished : Oct. 16, 2024, 1:15 p.m. | 39\u00a0minutes ago \nDescription : A vulnerability has been identified in which unauthenticated cross-site \nscripting (XSS) in the API Server's public API endpoint can be \nexploited, allowing an attacker to execute arbitrary JavaScript code in the victim browser \nSeverity: 8.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T16:22:58.000000Z"} {"uuid": "69e8353e-d0b4-4588-99f0-a59ed40ca19a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32192", "type": "seen", "source": "https://t.me/cvedetector/8061", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-32192 - Apache API Server Cross-Site Scripting (XSS)\", \n \"Content\": \"CVE ID : CVE-2023-32192 \nPublished : Oct. 16, 2024, 1:15 p.m. | 39\u00a0minutes ago \nDescription : A vulnerability has been identified in which unauthenticated cross-site \nscripting (XSS) in the API Server's public API endpoint can be \nexploited, allowing an attacker to execute arbitrary JavaScript code in the victim browser \nSeverity: 8.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T16:22:58.000000Z"} https://vulnerability.circl.lu/sighting/69e8353e-d0b4-4588-99f0-a59ed40ca19a/export Wed, 16 Oct 2024 16:22:58 +0000 https://vulnerability.circl.lu/sighting/9934e5c6-7afe-4e30-84d5-7ebe738007d1/export {"uuid": "9934e5c6-7afe-4e30-84d5-7ebe738007d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32193", "type": "seen", "source": "https://t.me/cvedetector/8062", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-32193 - Norman Public API Cross-Site Scripting Vulnerability\", \n \"Content\": \"CVE ID : CVE-2023-32193 \nPublished : Oct. 16, 2024, 1:15 p.m. | 39\u00a0minutes ago \nDescription : A vulnerability has been identified in which unauthenticated cross-site \nscripting (XSS) in Norman's public API endpoint can be exploited. This \ncan lead to an attacker exploiting the vulnerability to trigger \nJavaScript code and execute commands remotely. \nSeverity: 8.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T16:22:59.000000Z"} {"uuid": "9934e5c6-7afe-4e30-84d5-7ebe738007d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32193", "type": "seen", "source": "https://t.me/cvedetector/8062", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-32193 - Norman Public API Cross-Site Scripting Vulnerability\", \n \"Content\": \"CVE ID : CVE-2023-32193 \nPublished : Oct. 16, 2024, 1:15 p.m. | 39\u00a0minutes ago \nDescription : A vulnerability has been identified in which unauthenticated cross-site \nscripting (XSS) in Norman's public API endpoint can be exploited. This \ncan lead to an attacker exploiting the vulnerability to trigger \nJavaScript code and execute commands remotely. \nSeverity: 8.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T16:22:59.000000Z"} https://vulnerability.circl.lu/sighting/9934e5c6-7afe-4e30-84d5-7ebe738007d1/export Wed, 16 Oct 2024 16:22:59 +0000 https://vulnerability.circl.lu/sighting/436c3ff6-7940-4f2a-a8a4-390ebead3be8/export {"uuid": "436c3ff6-7940-4f2a-a8a4-390ebead3be8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32194", "type": "seen", "source": "https://t.me/cvedetector/8063", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-32194 - OpenShift Global Role Escalation: Namespaces Access Grant\", \n \"Content\": \"CVE ID : CVE-2023-32194 \nPublished : Oct. 16, 2024, 1:15 p.m. | 39\u00a0minutes ago \nDescription : A vulnerability has been identified when granting a create or * global role for a resource type of \"namespaces\"; no matter the API group, the subject will receive * \n permissions for core namespaces. This can lead to someone being capable \n of accessing, creating, updating, or deleting a namespace in the \nproject. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T16:23:01.000000Z"} {"uuid": "436c3ff6-7940-4f2a-a8a4-390ebead3be8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32194", "type": "seen", "source": "https://t.me/cvedetector/8063", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2023-32194 - OpenShift Global Role Escalation: Namespaces Access Grant\", \n \"Content\": \"CVE ID : CVE-2023-32194 \nPublished : Oct. 16, 2024, 1:15 p.m. | 39\u00a0minutes ago \nDescription : A vulnerability has been identified when granting a create or * global role for a resource type of \"namespaces\"; no matter the API group, the subject will receive * \n permissions for core namespaces. This can lead to someone being capable \n of accessing, creating, updating, or deleting a namespace in the \nproject. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"16 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T16:23:01.000000Z"} https://vulnerability.circl.lu/sighting/436c3ff6-7940-4f2a-a8a4-390ebead3be8/export Wed, 16 Oct 2024 16:23:01 +0000 https://vulnerability.circl.lu/sighting/5b0508e3-9b17-420b-a141-0061466d2460/export {"uuid": "5b0508e3-9b17-420b-a141-0061466d2460", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32197", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11996", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-32197\n\ud83d\udd25 CVSS Score: 6.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: A Improper Privilege Management vulnerability in SUSE rancher in RoleTemplateobjects when external=true is set can lead to privilege escalation in specific scenarios.This issue affects rancher: from 2.7.0 before 2.7.14, from 2.8.0 before 2.8.5.\n\ud83d\udccf Published: 2025-04-16T08:40:54.464Z\n\ud83d\udccf Modified: 2025-04-16T08:40:54.464Z\n\ud83d\udd17 References:\n1. https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32197\n2. https://github.com/rancher/rancher/security/advisories/GHSA-64jq-m7rq-768h", "creation_timestamp": "2025-04-16T08:55:56.000000Z"} {"uuid": "5b0508e3-9b17-420b-a141-0061466d2460", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32197", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11996", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-32197\n\ud83d\udd25 CVSS Score: 6.6 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: A Improper Privilege Management vulnerability in SUSE rancher in RoleTemplateobjects when external=true is set can lead to privilege escalation in specific scenarios.This issue affects rancher: from 2.7.0 before 2.7.14, from 2.8.0 before 2.8.5.\n\ud83d\udccf Published: 2025-04-16T08:40:54.464Z\n\ud83d\udccf Modified: 2025-04-16T08:40:54.464Z\n\ud83d\udd17 References:\n1. https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32197\n2. https://github.com/rancher/rancher/security/advisories/GHSA-64jq-m7rq-768h", "creation_timestamp": "2025-04-16T08:55:56.000000Z"} https://vulnerability.circl.lu/sighting/5b0508e3-9b17-420b-a141-0061466d2460/export Wed, 16 Apr 2025 08:55:56 +0000 https://vulnerability.circl.lu/sighting/7e30bb90-4e1e-48dd-b23b-6e4bfffe6ae0/export {"uuid": "7e30bb90-4e1e-48dd-b23b-6e4bfffe6ae0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32197", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmwfus35jg24", "content": "", "creation_timestamp": "2025-04-16T10:43:48.748796Z"} {"uuid": "7e30bb90-4e1e-48dd-b23b-6e4bfffe6ae0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32197", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lmwfus35jg24", "content": "", "creation_timestamp": "2025-04-16T10:43:48.748796Z"} https://vulnerability.circl.lu/sighting/7e30bb90-4e1e-48dd-b23b-6e4bfffe6ae0/export Wed, 16 Apr 2025 10:43:48 +0000 https://vulnerability.circl.lu/sighting/d837795e-870d-4e00-83c7-328d33a86429/export {"uuid": "d837795e-870d-4e00-83c7-328d33a86429", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32197", "type": "seen", "source": "MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6", "content": "", "creation_timestamp": "2025-10-01T18:11:57.000000Z"} {"uuid": "d837795e-870d-4e00-83c7-328d33a86429", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32197", "type": "seen", "source": "MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6", "content": "", "creation_timestamp": "2025-10-01T18:11:57.000000Z"} https://vulnerability.circl.lu/sighting/d837795e-870d-4e00-83c7-328d33a86429/export Wed, 01 Oct 2025 18:11:57 +0000 https://vulnerability.circl.lu/sighting/8ff1a596-f6e3-4e88-98e3-d051fb615aac/export {"uuid": "8ff1a596-f6e3-4e88-98e3-d051fb615aac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32197", "type": "seen", "source": "MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6", "content": "", "creation_timestamp": "2025-10-08T21:59:31.000000Z"} {"uuid": "8ff1a596-f6e3-4e88-98e3-d051fb615aac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-32197", "type": "seen", "source": "MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6", "content": "", "creation_timestamp": "2025-10-08T21:59:31.000000Z"} https://vulnerability.circl.lu/sighting/8ff1a596-f6e3-4e88-98e3-d051fb615aac/export Wed, 08 Oct 2025 21:59:31 +0000