Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 04 May 2026 11:12:41 +0000 993e1ad2-2187-4bd9-9f09-98839f91a961 https://vulnerability.circl.lu/sighting/993e1ad2-2187-4bd9-9f09-98839f91a961/export {"uuid": "993e1ad2-2187-4bd9-9f09-98839f91a961", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40347", "type": "seen", "source": "https://t.me/cibsecurity/68651", "content": "\u203c CVE-2023-40347 \u203c\n\nJenkins Maven Artifact ChoiceListProvider (Nexus) Plugin 1.14 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-16T18:49:41.000000Z"} {"uuid": "993e1ad2-2187-4bd9-9f09-98839f91a961", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40347", "type": "seen", "source": "https://t.me/cibsecurity/68651", "content": "\u203c CVE-2023-40347 \u203c\n\nJenkins Maven Artifact ChoiceListProvider (Nexus) Plugin 1.14 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Item/Configure permission to access and capture credentials they are not entitled to.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-16T18:49:41.000000Z"} https://vulnerability.circl.lu/sighting/993e1ad2-2187-4bd9-9f09-98839f91a961/export Wed, 16 Aug 2023 18:49:41 +0000 e1e7e5c9-cd2e-42d2-a94c-2d23517651e9 https://vulnerability.circl.lu/sighting/e1e7e5c9-cd2e-42d2-a94c-2d23517651e9/export {"uuid": "e1e7e5c9-cd2e-42d2-a94c-2d23517651e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40342", "type": "seen", "source": "https://t.me/cibsecurity/68652", "content": "\u203c CVE-2023-40342 \u203c\n\nJenkins Flaky Test Handler Plugin 1.2.2 and earlier does not escape JUnit test contents when showing them on the Jenkins UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control JUnit report file contents.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-16T18:49:42.000000Z"} {"uuid": "e1e7e5c9-cd2e-42d2-a94c-2d23517651e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40342", "type": "seen", "source": "https://t.me/cibsecurity/68652", "content": "\u203c CVE-2023-40342 \u203c\n\nJenkins Flaky Test Handler Plugin 1.2.2 and earlier does not escape JUnit test contents when showing them on the Jenkins UI, resulting in a stored cross-site scripting (XSS) vulnerability exploitable by attackers able to control JUnit report file contents.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-16T18:49:42.000000Z"} https://vulnerability.circl.lu/sighting/e1e7e5c9-cd2e-42d2-a94c-2d23517651e9/export Wed, 16 Aug 2023 18:49:42 +0000 6fa15a8d-c968-453c-9e39-6b2cc13591bf https://vulnerability.circl.lu/sighting/6fa15a8d-c968-453c-9e39-6b2cc13591bf/export {"uuid": "6fa15a8d-c968-453c-9e39-6b2cc13591bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40348", "type": "seen", "source": "https://t.me/cibsecurity/68662", "content": "\u203c CVE-2023-40348 \u203c\n\nThe webhook endpoint in Jenkins Gogs Plugin 1.0.15 and earlier provides unauthenticated attackers information about the existence of jobs in its output.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-16T18:49:55.000000Z"} {"uuid": "6fa15a8d-c968-453c-9e39-6b2cc13591bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40348", "type": "seen", "source": "https://t.me/cibsecurity/68662", "content": "\u203c CVE-2023-40348 \u203c\n\nThe webhook endpoint in Jenkins Gogs Plugin 1.0.15 and earlier provides unauthenticated attackers information about the existence of jobs in its output.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-16T18:49:55.000000Z"} https://vulnerability.circl.lu/sighting/6fa15a8d-c968-453c-9e39-6b2cc13591bf/export Wed, 16 Aug 2023 18:49:55 +0000 e72fea63-b4e6-472b-9feb-7afc34edbe5a https://vulnerability.circl.lu/sighting/e72fea63-b4e6-472b-9feb-7afc34edbe5a/export {"uuid": "e72fea63-b4e6-472b-9feb-7afc34edbe5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40345", "type": "seen", "source": "https://t.me/cibsecurity/68665", "content": "\u203c CVE-2023-40345 \u203c\n\nJenkins Delphix Plugin 3.0.2 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Overall/Read permission to access and capture credentials they are not entitled to.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-16T18:52:42.000000Z"} {"uuid": "e72fea63-b4e6-472b-9feb-7afc34edbe5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40345", "type": "seen", "source": "https://t.me/cibsecurity/68665", "content": "\u203c CVE-2023-40345 \u203c\n\nJenkins Delphix Plugin 3.0.2 and earlier does not set the appropriate context for credentials lookup, allowing attackers with Overall/Read permission to access and capture credentials they are not entitled to.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-16T18:52:42.000000Z"} https://vulnerability.circl.lu/sighting/e72fea63-b4e6-472b-9feb-7afc34edbe5a/export Wed, 16 Aug 2023 18:52:42 +0000 08c06cf1-b5c7-4a78-bb98-48aef71eb8b1 https://vulnerability.circl.lu/sighting/08c06cf1-b5c7-4a78-bb98-48aef71eb8b1/export {"uuid": "08c06cf1-b5c7-4a78-bb98-48aef71eb8b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40343", "type": "seen", "source": "https://t.me/cibsecurity/68667", "content": "\u203c CVE-2023-40343 \u203c\n\nJenkins Tuleap Authentication Plugin 1.1.20 and earlier uses a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-16T18:52:44.000000Z"} {"uuid": "08c06cf1-b5c7-4a78-bb98-48aef71eb8b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40343", "type": "seen", "source": "https://t.me/cibsecurity/68667", "content": "\u203c CVE-2023-40343 \u203c\n\nJenkins Tuleap Authentication Plugin 1.1.20 and earlier uses a non-constant time comparison function when validating an authentication token allowing attackers to use statistical methods to obtain a valid authentication token.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-16T18:52:44.000000Z"} https://vulnerability.circl.lu/sighting/08c06cf1-b5c7-4a78-bb98-48aef71eb8b1/export Wed, 16 Aug 2023 18:52:44 +0000 121a9b4e-7499-48e7-bee7-89d97cd556a2 https://vulnerability.circl.lu/sighting/121a9b4e-7499-48e7-bee7-89d97cd556a2/export {"uuid": "121a9b4e-7499-48e7-bee7-89d97cd556a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4034", "type": "seen", "source": "https://t.me/cibsecurity/69887", "content": "\u203c CVE-2023-4034 \u203c\n\nImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Digita Information Technology Smartrise Document Management System allows SQL Injection.This issue affects Smartrise Document Management System: before Hvl-2.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-05T22:16:54.000000Z"} {"uuid": "121a9b4e-7499-48e7-bee7-89d97cd556a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4034", "type": "seen", "source": "https://t.me/cibsecurity/69887", "content": "\u203c CVE-2023-4034 \u203c\n\nImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Digita Information Technology Smartrise Document Management System allows SQL Injection.This issue affects Smartrise Document Management System: before Hvl-2.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-05T22:16:54.000000Z"} https://vulnerability.circl.lu/sighting/121a9b4e-7499-48e7-bee7-89d97cd556a2/export Tue, 05 Sep 2023 22:16:54 +0000