https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 06 May 2026 19:25:42 +0000 https://vulnerability.circl.lu/sighting/90056fc2-cb0a-458a-b44a-45e4be9282eb/export {"uuid": "90056fc2-cb0a-458a-b44a-45e4be9282eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23689", "type": "seen", "source": "https://t.me/ctinow/185771", "content": "https://ift.tt/MY1XHdz\nCVE-2024-23689 | ClichHouse r2dbc/jdbc/client up to 0.4.5 information exposure (ID 1331)", "creation_timestamp": "2024-02-15T18:57:01.000000Z"} {"uuid": "90056fc2-cb0a-458a-b44a-45e4be9282eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23689", "type": "seen", "source": "https://t.me/ctinow/185771", "content": "https://ift.tt/MY1XHdz\nCVE-2024-23689 | ClichHouse r2dbc/jdbc/client up to 0.4.5 information exposure (ID 1331)", "creation_timestamp": "2024-02-15T18:57:01.000000Z"} https://vulnerability.circl.lu/sighting/90056fc2-cb0a-458a-b44a-45e4be9282eb/export Thu, 15 Feb 2024 18:57:01 +0000 https://vulnerability.circl.lu/sighting/7893a226-aae7-4ff6-b62b-0d948f23fba4/export {"uuid": "7893a226-aae7-4ff6-b62b-0d948f23fba4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23684", "type": "seen", "source": "https://t.me/ctinow/185772", "content": "https://ift.tt/lUxwbnk\nCVE-2024-23684 | com.upokecenter.cbor up to 4.5.1 DecodeFromBytes algorithmic complexity (GHSA-fj2w-wfgv-mwq6)", "creation_timestamp": "2024-02-15T18:57:03.000000Z"} {"uuid": "7893a226-aae7-4ff6-b62b-0d948f23fba4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23684", "type": "seen", "source": "https://t.me/ctinow/185772", "content": "https://ift.tt/lUxwbnk\nCVE-2024-23684 | com.upokecenter.cbor up to 4.5.1 DecodeFromBytes algorithmic complexity (GHSA-fj2w-wfgv-mwq6)", "creation_timestamp": "2024-02-15T18:57:03.000000Z"} https://vulnerability.circl.lu/sighting/7893a226-aae7-4ff6-b62b-0d948f23fba4/export Thu, 15 Feb 2024 18:57:03 +0000 https://vulnerability.circl.lu/sighting/2288da8d-033f-4a80-ab40-8ff2acde191a/export {"uuid": "2288da8d-033f-4a80-ab40-8ff2acde191a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23688", "type": "seen", "source": "https://t.me/ctinow/185773", "content": "https://ift.tt/AylvtHn\nCVE-2024-23688 | Consensys Discovery up to 0.4.4 AES Handler/GCM nonce re-use (GHSA-w3hj-wr2q-x83g)", "creation_timestamp": "2024-02-15T18:57:04.000000Z"} {"uuid": "2288da8d-033f-4a80-ab40-8ff2acde191a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23688", "type": "seen", "source": "https://t.me/ctinow/185773", "content": "https://ift.tt/AylvtHn\nCVE-2024-23688 | Consensys Discovery up to 0.4.4 AES Handler/GCM nonce re-use (GHSA-w3hj-wr2q-x83g)", "creation_timestamp": "2024-02-15T18:57:04.000000Z"} https://vulnerability.circl.lu/sighting/2288da8d-033f-4a80-ab40-8ff2acde191a/export Thu, 15 Feb 2024 18:57:04 +0000 https://vulnerability.circl.lu/sighting/5caac75d-7e2a-4142-81e8-eb4b1abfe8d0/export {"uuid": "5caac75d-7e2a-4142-81e8-eb4b1abfe8d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23686", "type": "seen", "source": "https://t.me/ctinow/185829", "content": "https://ift.tt/BP6c9yg\nCVE-2024-23686 | DependencyCheck up to 9.0.5/9.0.6 on Maven/CLI/Ant Debug Mode log file (GHSA-qqhq-8r2c-c3f5)", "creation_timestamp": "2024-02-15T19:56:24.000000Z"} {"uuid": "5caac75d-7e2a-4142-81e8-eb4b1abfe8d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23686", "type": "seen", "source": "https://t.me/ctinow/185829", "content": "https://ift.tt/BP6c9yg\nCVE-2024-23686 | DependencyCheck up to 9.0.5/9.0.6 on Maven/CLI/Ant Debug Mode log file (GHSA-qqhq-8r2c-c3f5)", "creation_timestamp": "2024-02-15T19:56:24.000000Z"} https://vulnerability.circl.lu/sighting/5caac75d-7e2a-4142-81e8-eb4b1abfe8d0/export Thu, 15 Feb 2024 19:56:24 +0000 https://vulnerability.circl.lu/sighting/10a0a0a9-78a2-4ec5-963a-5798a97657dd/export {"uuid": "10a0a0a9-78a2-4ec5-963a-5798a97657dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23687", "type": "seen", "source": "https://t.me/ctinow/185830", "content": "https://ift.tt/2fDjhVQ\nCVE-2024-23687 | Folio mod-data-export-spring versions up to 1.5.3/2.0.1 API hard-coded credentials (GHSA-vf78-3q9f-92g3)", "creation_timestamp": "2024-02-15T19:56:25.000000Z"} {"uuid": "10a0a0a9-78a2-4ec5-963a-5798a97657dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23687", "type": "seen", "source": "https://t.me/ctinow/185830", "content": "https://ift.tt/2fDjhVQ\nCVE-2024-23687 | Folio mod-data-export-spring versions up to 1.5.3/2.0.1 API hard-coded credentials (GHSA-vf78-3q9f-92g3)", "creation_timestamp": "2024-02-15T19:56:25.000000Z"} https://vulnerability.circl.lu/sighting/10a0a0a9-78a2-4ec5-963a-5798a97657dd/export Thu, 15 Feb 2024 19:56:25 +0000 https://vulnerability.circl.lu/sighting/088ff45d-84de-4db3-b518-74be35da50a8/export {"uuid": "088ff45d-84de-4db3-b518-74be35da50a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23681", "type": "seen", "source": "https://t.me/ctinow/185831", "content": "https://ift.tt/4uLiwOB\nCVE-2024-23681 | Artemis Java Test Sandbox up to 1.11.1 sandbox (GHSA-98hq-4wmw-98w9)", "creation_timestamp": "2024-02-15T19:56:26.000000Z"} {"uuid": "088ff45d-84de-4db3-b518-74be35da50a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23681", "type": "seen", "source": "https://t.me/ctinow/185831", "content": "https://ift.tt/4uLiwOB\nCVE-2024-23681 | Artemis Java Test Sandbox up to 1.11.1 sandbox (GHSA-98hq-4wmw-98w9)", "creation_timestamp": "2024-02-15T19:56:26.000000Z"} https://vulnerability.circl.lu/sighting/088ff45d-84de-4db3-b518-74be35da50a8/export Thu, 15 Feb 2024 19:56:26 +0000 https://vulnerability.circl.lu/sighting/53bcbb93-fc8d-498d-a85c-3ac835eb6f42/export {"uuid": "53bcbb93-fc8d-498d-a85c-3ac835eb6f42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23688", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19026", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23688\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Consensys Discovery versions less than 0.4.5 uses the same AES/GCM nonce for the entire session. which should ideally be unique for every message. The node's private key isn't compromised, only the session key generated for specific peer communication is exposed.\n\n\n\ud83d\udccf Published: 2024-01-19T21:26:35.282Z\n\ud83d\udccf Modified: 2025-06-20T18:28:31.476Z\n\ud83d\udd17 References:\n1. https://github.com/ConsenSys/discovery/security/advisories/GHSA-w3hj-wr2q-x83g\n2. https://github.com/advisories/GHSA-w3hj-wr2q-x83g\n3. https://vulncheck.com/advisories/vc-advisory-GHSA-w3hj-wr2q-x83g", "creation_timestamp": "2025-06-20T18:42:20.000000Z"} {"uuid": "53bcbb93-fc8d-498d-a85c-3ac835eb6f42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23688", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19026", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23688\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Consensys Discovery versions less than 0.4.5 uses the same AES/GCM nonce for the entire session. which should ideally be unique for every message. The node's private key isn't compromised, only the session key generated for specific peer communication is exposed.\n\n\n\ud83d\udccf Published: 2024-01-19T21:26:35.282Z\n\ud83d\udccf Modified: 2025-06-20T18:28:31.476Z\n\ud83d\udd17 References:\n1. https://github.com/ConsenSys/discovery/security/advisories/GHSA-w3hj-wr2q-x83g\n2. https://github.com/advisories/GHSA-w3hj-wr2q-x83g\n3. https://vulncheck.com/advisories/vc-advisory-GHSA-w3hj-wr2q-x83g", "creation_timestamp": "2025-06-20T18:42:20.000000Z"} https://vulnerability.circl.lu/sighting/53bcbb93-fc8d-498d-a85c-3ac835eb6f42/export Fri, 20 Jun 2025 18:42:20 +0000 https://vulnerability.circl.lu/sighting/9253a3fa-38fb-40db-ab47-15c35cb676a8/export {"uuid": "9253a3fa-38fb-40db-ab47-15c35cb676a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23684", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19027", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23684\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise Binary Object Representation (CBOR) versions 4.0.0 to 4.5.1 allows an attacker to cause a denial of service by passing a maliciously crafted input. Depending on an application's use of this library, this may be a remote attacker.\n\n\n\ud83d\udccf Published: 2024-01-19T20:59:02.723Z\n\ud83d\udccf Modified: 2025-06-20T18:27:45.342Z\n\ud83d\udd17 References:\n1. https://github.com/peteroupc/CBOR-Java/security/advisories/GHSA-fj2w-wfgv-mwq6\n2. https://github.com/advisories/GHSA-fj2w-wfgv-mwq6\n3. https://vulncheck.com/advisories/vc-advisory-GHSA-fj2w-wfgv-mwq6", "creation_timestamp": "2025-06-20T18:42:21.000000Z"} {"uuid": "9253a3fa-38fb-40db-ab47-15c35cb676a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23684", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19027", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23684\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Inefficient algorithmic complexity in DecodeFromBytes function in com.upokecenter.cbor Java implementation of Concise Binary Object Representation (CBOR) versions 4.0.0 to 4.5.1 allows an attacker to cause a denial of service by passing a maliciously crafted input. Depending on an application's use of this library, this may be a remote attacker.\n\n\n\ud83d\udccf Published: 2024-01-19T20:59:02.723Z\n\ud83d\udccf Modified: 2025-06-20T18:27:45.342Z\n\ud83d\udd17 References:\n1. https://github.com/peteroupc/CBOR-Java/security/advisories/GHSA-fj2w-wfgv-mwq6\n2. https://github.com/advisories/GHSA-fj2w-wfgv-mwq6\n3. https://vulncheck.com/advisories/vc-advisory-GHSA-fj2w-wfgv-mwq6", "creation_timestamp": "2025-06-20T18:42:21.000000Z"} https://vulnerability.circl.lu/sighting/9253a3fa-38fb-40db-ab47-15c35cb676a8/export Fri, 20 Jun 2025 18:42:21 +0000 https://vulnerability.circl.lu/sighting/2a8a529f-3fa4-48a3-bc1c-666c2dd91b6e/export {"uuid": "2a8a529f-3fa4-48a3-bc1c-666c2dd91b6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23683", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19028", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23683\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Artemis Java Test Sandbox versions less than 1.7.6 are vulnerable to a sandbox escape when an attacker crafts a special subclass of InvocationTargetException. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.\n\n\n\n\n\n\n\ud83d\udccf Published: 2024-01-19T20:48:42.271Z\n\ud83d\udccf Modified: 2025-06-20T18:26:59.260Z\n\ud83d\udd17 References:\n1. https://github.com/ls1intum/Ares/security/advisories/GHSA-883x-6fch-6wjx\n2. https://github.com/ls1intum/Ares/issues/15#issuecomment-996449371\n3. https://github.com/ls1intum/Ares/commit/af4f28a56e2fe600d8750b3b415352a0a3217392\n4. https://github.com/ls1intum/Ares/releases/tag/1.7.6\n5. https://github.com/advisories/GHSA-883x-6fch-6wjx\n6. https://vulncheck.com/advisories/vc-advisory-GHSA-883x-6fch-6wjx", "creation_timestamp": "2025-06-20T18:42:22.000000Z"} {"uuid": "2a8a529f-3fa4-48a3-bc1c-666c2dd91b6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23683", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19028", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23683\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Artemis Java Test Sandbox versions less than 1.7.6 are vulnerable to a sandbox escape when an attacker crafts a special subclass of InvocationTargetException. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.\n\n\n\n\n\n\n\ud83d\udccf Published: 2024-01-19T20:48:42.271Z\n\ud83d\udccf Modified: 2025-06-20T18:26:59.260Z\n\ud83d\udd17 References:\n1. https://github.com/ls1intum/Ares/security/advisories/GHSA-883x-6fch-6wjx\n2. https://github.com/ls1intum/Ares/issues/15#issuecomment-996449371\n3. https://github.com/ls1intum/Ares/commit/af4f28a56e2fe600d8750b3b415352a0a3217392\n4. https://github.com/ls1intum/Ares/releases/tag/1.7.6\n5. https://github.com/advisories/GHSA-883x-6fch-6wjx\n6. https://vulncheck.com/advisories/vc-advisory-GHSA-883x-6fch-6wjx", "creation_timestamp": "2025-06-20T18:42:22.000000Z"} https://vulnerability.circl.lu/sighting/2a8a529f-3fa4-48a3-bc1c-666c2dd91b6e/export Fri, 20 Jun 2025 18:42:22 +0000 https://vulnerability.circl.lu/sighting/46c8a1cd-7eb8-4c57-a8ce-86cd6face905/export {"uuid": "46c8a1cd-7eb8-4c57-a8ce-86cd6face905", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23682", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19029", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23682\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Artemis Java Test Sandbox versions before 1.8.0 are vulnerable to a sandbox escape when an attacker includes class files in a package that Ares trusts. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.\n\n\n\n\ud83d\udccf Published: 2024-01-19T20:13:55.453Z\n\ud83d\udccf Modified: 2025-06-20T18:25:03.328Z\n\ud83d\udd17 References:\n1. https://github.com/ls1intum/Ares/security/advisories/GHSA-227w-wv4j-67h4\n2. https://github.com/ls1intum/Ares/issues/15\n3. https://github.com/ls1intum/Ares/releases/tag/1.8.0\n4. https://github.com/advisories/GHSA-227w-wv4j-67h4\n5. https://vulncheck.com/advisories/vc-advisory-GHSA-227w-wv4j-67h4", "creation_timestamp": "2025-06-20T18:42:23.000000Z"} {"uuid": "46c8a1cd-7eb8-4c57-a8ce-86cd6face905", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-23682", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19029", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-23682\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Artemis Java Test Sandbox versions before 1.8.0 are vulnerable to a sandbox escape when an attacker includes class files in a package that Ares trusts. An attacker can abuse this issue to execute arbitrary Java when a victim executes the supposedly sandboxed code.\n\n\n\n\ud83d\udccf Published: 2024-01-19T20:13:55.453Z\n\ud83d\udccf Modified: 2025-06-20T18:25:03.328Z\n\ud83d\udd17 References:\n1. https://github.com/ls1intum/Ares/security/advisories/GHSA-227w-wv4j-67h4\n2. https://github.com/ls1intum/Ares/issues/15\n3. https://github.com/ls1intum/Ares/releases/tag/1.8.0\n4. https://github.com/advisories/GHSA-227w-wv4j-67h4\n5. https://vulncheck.com/advisories/vc-advisory-GHSA-227w-wv4j-67h4", "creation_timestamp": "2025-06-20T18:42:23.000000Z"} https://vulnerability.circl.lu/sighting/46c8a1cd-7eb8-4c57-a8ce-86cd6face905/export Fri, 20 Jun 2025 18:42:23 +0000