https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 24 May 2026 07:41:46 +0000 https://vulnerability.circl.lu/sighting/69f5a342-64a5-4329-8659-ad09732ab7fa/export {"uuid": "69f5a342-64a5-4329-8659-ad09732ab7fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49764", "type": "seen", "source": "https://t.me/cvedetector/11108", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-49764 - LibreNMS Stored Cross-Site Scripting (XSS)\", \n \"Content\": \"CVE ID : CVE-2024-49764 \nPublished : Nov. 15, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Capture Debug Information\" page allows authenticated users to inject arbitrary JavaScript through the \"hostname\" parameter when creating a new device. This vulnerability results in the execution of malicious code when the \"Capture Debug Information\" page is visited, redirecting the user and sending non-httponly cookies to an attacker-controlled domain. This vulnerability is fixed in 24.10.0. \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"15 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T18:17:27.000000Z"} {"uuid": "69f5a342-64a5-4329-8659-ad09732ab7fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49764", "type": "seen", "source": "https://t.me/cvedetector/11108", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-49764 - LibreNMS Stored Cross-Site Scripting (XSS)\", \n \"Content\": \"CVE ID : CVE-2024-49764 \nPublished : Nov. 15, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. A Stored Cross-Site Scripting (XSS) vulnerability in the \"Capture Debug Information\" page allows authenticated users to inject arbitrary JavaScript through the \"hostname\" parameter when creating a new device. This vulnerability results in the execution of malicious code when the \"Capture Debug Information\" page is visited, redirecting the user and sending non-httponly cookies to an attacker-controlled domain. This vulnerability is fixed in 24.10.0. \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"15 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T18:17:27.000000Z"} https://vulnerability.circl.lu/sighting/69f5a342-64a5-4329-8659-ad09732ab7fa/export Fri, 15 Nov 2024 18:17:27 +0000 https://vulnerability.circl.lu/sighting/30f031e1-2cd6-4c83-aff7-eb380c0a2e1c/export {"uuid": "30f031e1-2cd6-4c83-aff7-eb380c0a2e1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49763", "type": "seen", "source": "https://t.me/cvedetector/11807", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-49763 - PlexRipper Open CORS Policy Information Disclosure\", \n \"Content\": \"CVE ID : CVE-2024-49763 \nPublished : Dec. 2, 2024, 5:15 p.m. | 51\u00a0minutes ago \nDescription : PlexRipper is a cross-platform media downloader for Plex. PlexRipper\u2019s open CORS policy allows attackers to gain sensitive information from PlexRipper by getting the user to access the attacker\u2019s domain. This allows an attacking website to access the /api/PlexAccount endpoint and steal the user\u2019s Plex login. This vulnerability is fixed in 0.24.0. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"02 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-02T19:35:52.000000Z"} {"uuid": "30f031e1-2cd6-4c83-aff7-eb380c0a2e1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49763", "type": "seen", "source": "https://t.me/cvedetector/11807", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-49763 - PlexRipper Open CORS Policy Information Disclosure\", \n \"Content\": \"CVE ID : CVE-2024-49763 \nPublished : Dec. 2, 2024, 5:15 p.m. | 51\u00a0minutes ago \nDescription : PlexRipper is a cross-platform media downloader for Plex. PlexRipper\u2019s open CORS policy allows attackers to gain sensitive information from PlexRipper by getting the user to access the attacker\u2019s domain. This allows an attacking website to access the /api/PlexAccount endpoint and steal the user\u2019s Plex login. This vulnerability is fixed in 0.24.0. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"02 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-02T19:35:52.000000Z"} https://vulnerability.circl.lu/sighting/30f031e1-2cd6-4c83-aff7-eb380c0a2e1c/export Mon, 02 Dec 2024 19:35:52 +0000 https://vulnerability.circl.lu/sighting/67414059-ec26-4ac4-8a8c-7eb6d5686f7c/export {"uuid": "67414059-ec26-4ac4-8a8c-7eb6d5686f7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49765", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113681106505075065", "content": "", "creation_timestamp": "2024-12-19T19:20:25.010276Z"} {"uuid": "67414059-ec26-4ac4-8a8c-7eb6d5686f7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49765", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113681106505075065", "content": "", "creation_timestamp": "2024-12-19T19:20:25.010276Z"} https://vulnerability.circl.lu/sighting/67414059-ec26-4ac4-8a8c-7eb6d5686f7c/export Thu, 19 Dec 2024 19:20:25 +0000 https://vulnerability.circl.lu/sighting/00bd729d-a976-4d55-be5b-d8657957f96f/export {"uuid": "00bd729d-a976-4d55-be5b-d8657957f96f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49765", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113681119402600838", "content": "", "creation_timestamp": "2024-12-19T19:23:41.850610Z"} {"uuid": "00bd729d-a976-4d55-be5b-d8657957f96f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49765", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113681119402600838", "content": "", "creation_timestamp": "2024-12-19T19:23:41.850610Z"} https://vulnerability.circl.lu/sighting/00bd729d-a976-4d55-be5b-d8657957f96f/export Thu, 19 Dec 2024 19:23:41 +0000 https://vulnerability.circl.lu/sighting/deee77e8-74b9-4725-bf51-700a1095cb4c/export {"uuid": "deee77e8-74b9-4725-bf51-700a1095cb4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49765", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldoosffasn2a", "content": "", "creation_timestamp": "2024-12-19T20:15:25.569908Z"} {"uuid": "deee77e8-74b9-4725-bf51-700a1095cb4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49765", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldoosffasn2a", "content": "", "creation_timestamp": "2024-12-19T20:15:25.569908Z"} https://vulnerability.circl.lu/sighting/deee77e8-74b9-4725-bf51-700a1095cb4c/export Thu, 19 Dec 2024 20:15:25 +0000 https://vulnerability.circl.lu/sighting/dfef7aa4-2eb2-465a-ba05-5a0dfea11b0e/export {"uuid": "dfef7aa4-2eb2-465a-ba05-5a0dfea11b0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49765", "type": "seen", "source": "https://t.me/cvedetector/13366", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-49765 - Discourse Local Login Bypass Authentication Weakness\", \n \"Content\": \"CVE ID : CVE-2024-49765 \nPublished : Dec. 19, 2024, 8:15 p.m. | 41\u00a0minutes ago \nDescription : Discourse is an open source platform for community discussion. Sites that are using discourse connect but still have local logins enabled could allow attackers to bypass discourse connect to create accounts and login. This problem is patched in the latest version of Discourse. Users unable to upgrade who are using discourse connect may disable all other login methods as a workaround. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"19 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-19T22:20:48.000000Z"} {"uuid": "dfef7aa4-2eb2-465a-ba05-5a0dfea11b0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49765", "type": "seen", "source": "https://t.me/cvedetector/13366", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-49765 - Discourse Local Login Bypass Authentication Weakness\", \n \"Content\": \"CVE ID : CVE-2024-49765 \nPublished : Dec. 19, 2024, 8:15 p.m. | 41\u00a0minutes ago \nDescription : Discourse is an open source platform for community discussion. Sites that are using discourse connect but still have local logins enabled could allow attackers to bypass discourse connect to create accounts and login. This problem is patched in the latest version of Discourse. Users unable to upgrade who are using discourse connect may disable all other login methods as a workaround. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"19 Dec 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-19T22:20:48.000000Z"} https://vulnerability.circl.lu/sighting/dfef7aa4-2eb2-465a-ba05-5a0dfea11b0e/export Thu, 19 Dec 2024 22:20:48 +0000 https://vulnerability.circl.lu/sighting/fd597bf3-78b5-444f-8671-4025199ce16e/export {"uuid": "fd597bf3-78b5-444f-8671-4025199ce16e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49761", "type": "seen", "source": "https://gist.github.com/junaruga/54659f7454f91314cafc3fd341b36b39", "content": "", "creation_timestamp": "2025-03-17T15:53:47.000000Z"} {"uuid": "fd597bf3-78b5-444f-8671-4025199ce16e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49761", "type": "seen", "source": "https://gist.github.com/junaruga/54659f7454f91314cafc3fd341b36b39", "content": "", "creation_timestamp": "2025-03-17T15:53:47.000000Z"} https://vulnerability.circl.lu/sighting/fd597bf3-78b5-444f-8671-4025199ce16e/export Mon, 17 Mar 2025 15:53:47 +0000 https://vulnerability.circl.lu/sighting/902ce594-61f1-4610-b149-df90cc8d2e62/export {"uuid": "902ce594-61f1-4610-b149-df90cc8d2e62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49761", "type": "seen", "source": "https://gist.github.com/junaruga/f1ad603ec98ddc5c21f2ab6fa21c121d", "content": "", "creation_timestamp": "2025-03-27T14:13:15.000000Z"} {"uuid": "902ce594-61f1-4610-b149-df90cc8d2e62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49761", "type": "seen", "source": "https://gist.github.com/junaruga/f1ad603ec98ddc5c21f2ab6fa21c121d", "content": "", "creation_timestamp": "2025-03-27T14:13:15.000000Z"} https://vulnerability.circl.lu/sighting/902ce594-61f1-4610-b149-df90cc8d2e62/export Thu, 27 Mar 2025 14:13:15 +0000 https://vulnerability.circl.lu/sighting/a5834b4b-5107-4145-b5df-53e6e17efb87/export {"uuid": "a5834b4b-5107-4145-b5df-53e6e17efb87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49766", "type": "seen", "source": "MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6", "content": "", "creation_timestamp": "2025-10-01T18:11:57.000000Z"} {"uuid": "a5834b4b-5107-4145-b5df-53e6e17efb87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49766", "type": "seen", "source": "MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6", "content": "", "creation_timestamp": "2025-10-01T18:11:57.000000Z"} https://vulnerability.circl.lu/sighting/a5834b4b-5107-4145-b5df-53e6e17efb87/export Wed, 01 Oct 2025 18:11:57 +0000 https://vulnerability.circl.lu/sighting/529f1ef5-d8f3-40d6-949a-2259a6b0c057/export {"uuid": "529f1ef5-d8f3-40d6-949a-2259a6b0c057", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49766", "type": "seen", "source": "MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6", "content": "", "creation_timestamp": "2025-10-08T21:59:32.000000Z"} {"uuid": "529f1ef5-d8f3-40d6-949a-2259a6b0c057", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49766", "type": "seen", "source": "MISP/af790da0-9e28-4cb7-bd4e-46ad005115c6", "content": "", "creation_timestamp": "2025-10-08T21:59:32.000000Z"} https://vulnerability.circl.lu/sighting/529f1ef5-d8f3-40d6-949a-2259a6b0c057/export Wed, 08 Oct 2025 21:59:32 +0000