https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 10 May 2026 17:26:52 +0000 https://vulnerability.circl.lu/sighting/0a742597-c655-4d96-87ef-0d4d658d498a/export {"uuid": "0a742597-c655-4d96-87ef-0d4d658d498a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43532", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11314", "content": "#Red_Team_Tactics\n1. Bypassing UAC with SSPI Datagram Contexts\nhttps://github.com/antonioCoco/SspiUacBypass\n2. Call and Register - Relay Attack on WinReg RPC Client\nhttps://www.akamai.com/blog/security-research/winreg-relay-vulnerability\n]-> https://github.com/akamai/akamai-security-research/tree/main/PoCs/cve-2024-43532", "creation_timestamp": "2024-10-23T00:48:15.000000Z"} {"uuid": "0a742597-c655-4d96-87ef-0d4d658d498a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43532", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11314", "content": "#Red_Team_Tactics\n1. Bypassing UAC with SSPI Datagram Contexts\nhttps://github.com/antonioCoco/SspiUacBypass\n2. Call and Register - Relay Attack on WinReg RPC Client\nhttps://www.akamai.com/blog/security-research/winreg-relay-vulnerability\n]-> https://github.com/akamai/akamai-security-research/tree/main/PoCs/cve-2024-43532", "creation_timestamp": "2024-10-23T00:48:15.000000Z"} https://vulnerability.circl.lu/sighting/0a742597-c655-4d96-87ef-0d4d658d498a/export Wed, 23 Oct 2024 00:48:15 +0000 https://vulnerability.circl.lu/sighting/7cb06914-1445-4bad-a1d5-55b6cc0d9e52/export {"uuid": "7cb06914-1445-4bad-a1d5-55b6cc0d9e52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43532", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/603", "content": "https://www.akamai.com/blog/security-research/winreg-relay-vulnerability\n\nCall and Register \u2014 Relay Attack on WinReg RPC Client\n\nhttps://github.com/akamai/akamai-security-research/tree/main/PoCs/cve-2024-43532\n\n#\u5206\u6790 #github #poc", "creation_timestamp": "2024-10-23T19:29:44.000000Z"} {"uuid": "7cb06914-1445-4bad-a1d5-55b6cc0d9e52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43532", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/603", "content": "https://www.akamai.com/blog/security-research/winreg-relay-vulnerability\n\nCall and Register \u2014 Relay Attack on WinReg RPC Client\n\nhttps://github.com/akamai/akamai-security-research/tree/main/PoCs/cve-2024-43532\n\n#\u5206\u6790 #github #poc", "creation_timestamp": "2024-10-23T19:29:44.000000Z"} https://vulnerability.circl.lu/sighting/7cb06914-1445-4bad-a1d5-55b6cc0d9e52/export Wed, 23 Oct 2024 19:29:44 +0000 https://vulnerability.circl.lu/sighting/e850046f-6c69-4994-867e-9a7abbd08a24/export {"uuid": "e850046f-6c69-4994-867e-9a7abbd08a24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43532", "type": "published-proof-of-concept", "source": "https://t.me/paiddpam/5692", "content": "\ud83d\udd14Call and Register \u2014 Relay Attack on WinReg RPC Client\n\nA critical vulnerability (CVE-2024-43532) has been identified in Microsoft\u2019s Remote Registry client. This flaw allows attackers to exploit insecure fallback mechanisms in the WinReg client, enabling them to relay authentication details and make unauthorized certificate requests through Active Directory Certificate Services (ADCS).\n\n\ud83d\udd17 Research:\nhttps://www.akamai.com/blog/security-research/winreg-relay-vulnerability\n\n\ud83d\udd17 RPC Visibility Tool:\nhttps://github.com/akamai/akamai-security-research/tree/main/rpc_toolkit/rpc_visibility\n\n\ud83d\udd17 PoC: \nhttps://github.com/akamai/akamai-security-research/tree/main/PoCs/cve-2024-43532\n\n#ad #adcs #rpc #ntlm #relay #etw #advapi", "creation_timestamp": "2024-10-26T07:01:58.000000Z"} {"uuid": "e850046f-6c69-4994-867e-9a7abbd08a24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43532", "type": "published-proof-of-concept", "source": "https://t.me/paiddpam/5692", "content": "\ud83d\udd14Call and Register \u2014 Relay Attack on WinReg RPC Client\n\nA critical vulnerability (CVE-2024-43532) has been identified in Microsoft\u2019s Remote Registry client. This flaw allows attackers to exploit insecure fallback mechanisms in the WinReg client, enabling them to relay authentication details and make unauthorized certificate requests through Active Directory Certificate Services (ADCS).\n\n\ud83d\udd17 Research:\nhttps://www.akamai.com/blog/security-research/winreg-relay-vulnerability\n\n\ud83d\udd17 RPC Visibility Tool:\nhttps://github.com/akamai/akamai-security-research/tree/main/rpc_toolkit/rpc_visibility\n\n\ud83d\udd17 PoC: \nhttps://github.com/akamai/akamai-security-research/tree/main/PoCs/cve-2024-43532\n\n#ad #adcs #rpc #ntlm #relay #etw #advapi", "creation_timestamp": "2024-10-26T07:01:58.000000Z"} https://vulnerability.circl.lu/sighting/e850046f-6c69-4994-867e-9a7abbd08a24/export Sat, 26 Oct 2024 07:01:58 +0000 https://vulnerability.circl.lu/sighting/7d086bea-91b3-4cef-96b0-e71b582d2fa5/export {"uuid": "7d086bea-91b3-4cef-96b0-e71b582d2fa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43532", "type": "published-proof-of-concept", "source": "Telegram/74XbNTyUwF2B4MXU61M5oBrjYfLE_ydB7RIx5kz_w3oA1w", "content": "", "creation_timestamp": "2024-10-26T07:01:58.000000Z"} {"uuid": "7d086bea-91b3-4cef-96b0-e71b582d2fa5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43532", "type": "published-proof-of-concept", "source": "Telegram/74XbNTyUwF2B4MXU61M5oBrjYfLE_ydB7RIx5kz_w3oA1w", "content": "", "creation_timestamp": "2024-10-26T07:01:58.000000Z"} https://vulnerability.circl.lu/sighting/7d086bea-91b3-4cef-96b0-e71b582d2fa5/export Sat, 26 Oct 2024 07:01:58 +0000 https://vulnerability.circl.lu/sighting/07b55f17-8640-475c-b6c7-e721014a9944/export {"uuid": "07b55f17-8640-475c-b6c7-e721014a9944", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43532", "type": "seen", "source": "https://infosec.exchange/users/0patch/statuses/113470701686773635", "content": "", "creation_timestamp": "2024-11-12T15:31:51.390593Z"} {"uuid": "07b55f17-8640-475c-b6c7-e721014a9944", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43532", "type": "seen", "source": "https://infosec.exchange/users/0patch/statuses/113470701686773635", "content": "", "creation_timestamp": "2024-11-12T15:31:51.390593Z"} https://vulnerability.circl.lu/sighting/07b55f17-8640-475c-b6c7-e721014a9944/export Tue, 12 Nov 2024 15:31:51 +0000 https://vulnerability.circl.lu/sighting/037fa9ed-73c6-41e0-ac8f-241780a12850/export {"uuid": "037fa9ed-73c6-41e0-ac8f-241780a12850", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43530", "type": "seen", "source": "https://www.thezdi.com/blog/2024/11/12/the-november-2024-security-update-review", "content": "", "creation_timestamp": "2024-11-12T18:26:35.000000Z"} {"uuid": "037fa9ed-73c6-41e0-ac8f-241780a12850", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43530", "type": "seen", "source": "https://www.thezdi.com/blog/2024/11/12/the-november-2024-security-update-review", "content": "", "creation_timestamp": "2024-11-12T18:26:35.000000Z"} https://vulnerability.circl.lu/sighting/037fa9ed-73c6-41e0-ac8f-241780a12850/export Tue, 12 Nov 2024 18:26:35 +0000 https://vulnerability.circl.lu/sighting/667236bb-42a0-4f91-a4d0-ed011137eb28/export {"uuid": "667236bb-42a0-4f91-a4d0-ed011137eb28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43530", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113471445573585064", "content": "", "creation_timestamp": "2024-11-12T18:40:53.282604Z"} {"uuid": "667236bb-42a0-4f91-a4d0-ed011137eb28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43530", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113471445573585064", "content": "", "creation_timestamp": "2024-11-12T18:40:53.282604Z"} https://vulnerability.circl.lu/sighting/667236bb-42a0-4f91-a4d0-ed011137eb28/export Tue, 12 Nov 2024 18:40:53 +0000 https://vulnerability.circl.lu/sighting/7b64ae56-612c-4ee9-abd3-b78c3f10fab2/export {"uuid": "7b64ae56-612c-4ee9-abd3-b78c3f10fab2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4353", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2248", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-4353\n\ud83d\udd39 Description: Concrete CMS versions 9.0.0 through 9.3.2 are affected by a stored XSS vulnerability in the generate dashboard board\ninstance functionality. The Name input field does not check the input sufficiently letting a rogue administrator have the capability to inject malicious\nJavaScript code. The Concrete CMS security team gave this vulnerability\u00a0a CVSS v4 score of 4.6 with a vector of CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N. Concrete versions below 9 are not affected by this vulnerability.Thanks fhAnso for reporting. (CNA updated this risk rank on 17 Jan 2025 by lowering the AC based on CVSS 4.0 documentation that access privileges should not be considered for AC).\n\ud83d\udccf Published: 2024-08-01T18:23:31.033Z\n\ud83d\udccf Modified: 2025-01-17T21:55:57.746Z\n\ud83d\udd17 References:\n1. https://github.com/concretecms/concretecms/pull/12151\n2. https://documentation.concretecms.org/9-x/developers/introduction/version-history/933-release-notes", "creation_timestamp": "2025-01-17T22:57:15.000000Z"} {"uuid": "7b64ae56-612c-4ee9-abd3-b78c3f10fab2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4353", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2248", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-4353\n\ud83d\udd39 Description: Concrete CMS versions 9.0.0 through 9.3.2 are affected by a stored XSS vulnerability in the generate dashboard board\ninstance functionality. The Name input field does not check the input sufficiently letting a rogue administrator have the capability to inject malicious\nJavaScript code. The Concrete CMS security team gave this vulnerability\u00a0a CVSS v4 score of 4.6 with a vector of CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N. Concrete versions below 9 are not affected by this vulnerability.Thanks fhAnso for reporting. (CNA updated this risk rank on 17 Jan 2025 by lowering the AC based on CVSS 4.0 documentation that access privileges should not be considered for AC).\n\ud83d\udccf Published: 2024-08-01T18:23:31.033Z\n\ud83d\udccf Modified: 2025-01-17T21:55:57.746Z\n\ud83d\udd17 References:\n1. https://github.com/concretecms/concretecms/pull/12151\n2. https://documentation.concretecms.org/9-x/developers/introduction/version-history/933-release-notes", "creation_timestamp": "2025-01-17T22:57:15.000000Z"} https://vulnerability.circl.lu/sighting/7b64ae56-612c-4ee9-abd3-b78c3f10fab2/export Fri, 17 Jan 2025 22:57:15 +0000 https://vulnerability.circl.lu/sighting/44cee7d4-d612-42ce-a3b4-4aa51786ed0c/export {"uuid": "44cee7d4-d612-42ce-a3b4-4aa51786ed0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43535", "type": "published-proof-of-concept", "source": "Telegram/Mu4J56rbgMxUjpsQgufxtJwNSOwCf2oGVYYwILA_0otXlrE", "content": "", "creation_timestamp": "2025-06-07T15:00:07.000000Z"} {"uuid": "44cee7d4-d612-42ce-a3b4-4aa51786ed0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43535", "type": "published-proof-of-concept", "source": "Telegram/Mu4J56rbgMxUjpsQgufxtJwNSOwCf2oGVYYwILA_0otXlrE", "content": "", "creation_timestamp": "2025-06-07T15:00:07.000000Z"} https://vulnerability.circl.lu/sighting/44cee7d4-d612-42ce-a3b4-4aa51786ed0c/export Sat, 07 Jun 2025 15:00:07 +0000 https://vulnerability.circl.lu/sighting/a322bd91-f9e8-4016-bc37-85e78162f2e4/export {"uuid": "a322bd91-f9e8-4016-bc37-85e78162f2e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43535", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3ltciwauyqm2a", "content": "", "creation_timestamp": "2025-07-06T14:41:20.984939Z"} {"uuid": "a322bd91-f9e8-4016-bc37-85e78162f2e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43535", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3ltciwauyqm2a", "content": "", "creation_timestamp": "2025-07-06T14:41:20.984939Z"} https://vulnerability.circl.lu/sighting/a322bd91-f9e8-4016-bc37-85e78162f2e4/export Sun, 06 Jul 2025 14:41:20 +0000