https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 17 Jun 2026 13:37:37 +0000 https://vulnerability.circl.lu/sighting/e62b7fb6-bfdc-47cd-8737-c7dd4f41912a/export {"uuid": "e62b7fb6-bfdc-47cd-8737-c7dd4f41912a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25954", "type": "seen", "source": "https://t.me/androidMalware/1848", "content": "Kyocera Android printing app is vulnerable to improper intent handling and can be abused to drop malware (CVE-2023-25954) \nhttps://www.kyoceradocumentsolutions.com/en/our-business/security/information/2023-04-11.html", "creation_timestamp": "2023-04-18T06:47:22.000000Z"} {"uuid": "e62b7fb6-bfdc-47cd-8737-c7dd4f41912a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25954", "type": "seen", "source": "https://t.me/androidMalware/1848", "content": "Kyocera Android printing app is vulnerable to improper intent handling and can be abused to drop malware (CVE-2023-25954) \nhttps://www.kyoceradocumentsolutions.com/en/our-business/security/information/2023-04-11.html", "creation_timestamp": "2023-04-18T06:47:22.000000Z"} https://vulnerability.circl.lu/sighting/e62b7fb6-bfdc-47cd-8737-c7dd4f41912a/export Tue, 18 Apr 2023 06:47:22 +0000 https://vulnerability.circl.lu/sighting/d110a1c8-17e8-4265-a05f-cd11d82e035c/export {"uuid": "d110a1c8-17e8-4265-a05f-cd11d82e035c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2595", "type": "seen", "source": "https://t.me/cibsecurity/63610", "content": "\u203c CVE-2023-2595 \u203c\n\nA vulnerability has been found in SourceCodester Billing Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file ajax_service.php of the component POST Parameter Handler. The manipulation of the argument drop_services leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228397 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T16:38:51.000000Z"} {"uuid": "d110a1c8-17e8-4265-a05f-cd11d82e035c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2595", "type": "seen", "source": "https://t.me/cibsecurity/63610", "content": "\u203c CVE-2023-2595 \u203c\n\nA vulnerability has been found in SourceCodester Billing Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file ajax_service.php of the component POST Parameter Handler. The manipulation of the argument drop_services leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228397 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T16:38:51.000000Z"} https://vulnerability.circl.lu/sighting/d110a1c8-17e8-4265-a05f-cd11d82e035c/export Tue, 09 May 2023 16:38:51 +0000 https://vulnerability.circl.lu/sighting/fb33717a-784a-446e-90fe-99f690978d6d/export {"uuid": "fb33717a-784a-446e-90fe-99f690978d6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25958", "type": "seen", "source": "https://t.me/cibsecurity/64039", "content": "\u203c CVE-2023-25958 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Justin Saad Simple Tooltips plugin <=\u00c2\u00a02.1.4 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-12T20:26:59.000000Z"} {"uuid": "fb33717a-784a-446e-90fe-99f690978d6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25958", "type": "seen", "source": "https://t.me/cibsecurity/64039", "content": "\u203c CVE-2023-25958 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Justin Saad Simple Tooltips plugin <=\u00c2\u00a02.1.4 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-12T20:26:59.000000Z"} https://vulnerability.circl.lu/sighting/fb33717a-784a-446e-90fe-99f690978d6d/export Fri, 12 May 2023 20:26:59 +0000 https://vulnerability.circl.lu/sighting/003cb65c-1d39-47b5-a2fb-d50bb10e7988/export {"uuid": "003cb65c-1d39-47b5-a2fb-d50bb10e7988", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25953", "type": "seen", "source": "https://t.me/cibsecurity/64596", "content": "\u203c CVE-2023-25953 \u203c\n\nCode injection vulnerability in Drive Explorer for macOS versions 3.5.4 and earlier allows an attacker who can login to the client where the affected product is installed to inject arbitrary code while processing the product execution. Since a full disk access privilege is required to execute LINE WORKS Drive Explorer, the attacker may be able to read and/or write to arbitrary files without the access privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-23T07:25:16.000000Z"} {"uuid": "003cb65c-1d39-47b5-a2fb-d50bb10e7988", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25953", "type": "seen", "source": "https://t.me/cibsecurity/64596", "content": "\u203c CVE-2023-25953 \u203c\n\nCode injection vulnerability in Drive Explorer for macOS versions 3.5.4 and earlier allows an attacker who can login to the client where the affected product is installed to inject arbitrary code while processing the product execution. Since a full disk access privilege is required to execute LINE WORKS Drive Explorer, the attacker may be able to read and/or write to arbitrary files without the access privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-23T07:25:16.000000Z"} https://vulnerability.circl.lu/sighting/003cb65c-1d39-47b5-a2fb-d50bb10e7988/export Tue, 23 May 2023 07:25:16 +0000 https://vulnerability.circl.lu/sighting/951ae9c7-c2a4-449a-bef6-8eba3299057d/export {"uuid": "951ae9c7-c2a4-449a-bef6-8eba3299057d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25950", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4908", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aHTTP3ONSTEROIDS - A research on CVE-2023-25950 where HAProxy's HTTP/3 implementation fails to block a malformed HTTP header field name.\nURL\uff1ahttps://github.com/dhmosfunk/HTTP3ONSTEROIDS\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-12T13:50:18.000000Z"} {"uuid": "951ae9c7-c2a4-449a-bef6-8eba3299057d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25950", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4908", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aHTTP3ONSTEROIDS - A research on CVE-2023-25950 where HAProxy's HTTP/3 implementation fails to block a malformed HTTP header field name.\nURL\uff1ahttps://github.com/dhmosfunk/HTTP3ONSTEROIDS\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-12T13:50:18.000000Z"} https://vulnerability.circl.lu/sighting/951ae9c7-c2a4-449a-bef6-8eba3299057d/export Sat, 12 Aug 2023 13:50:18 +0000 https://vulnerability.circl.lu/sighting/92c71c9c-dc45-4577-92a7-9aad3fe931f0/export {"uuid": "92c71c9c-dc45-4577-92a7-9aad3fe931f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25951", "type": "seen", "source": "https://t.me/ctinow/201179", "content": "https://ift.tt/mqnY9rp\nCVE-2023-25951 | Intel PROSet/Wireless WiFi/Killer WiFi prior 22.240 input validation (intel-sa-00947)", "creation_timestamp": "2024-03-06T10:11:38.000000Z"} {"uuid": "92c71c9c-dc45-4577-92a7-9aad3fe931f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25951", "type": "seen", "source": "https://t.me/ctinow/201179", "content": "https://ift.tt/mqnY9rp\nCVE-2023-25951 | Intel PROSet/Wireless WiFi/Killer WiFi prior 22.240 input validation (intel-sa-00947)", "creation_timestamp": "2024-03-06T10:11:38.000000Z"} https://vulnerability.circl.lu/sighting/92c71c9c-dc45-4577-92a7-9aad3fe931f0/export Wed, 06 Mar 2024 10:11:38 +0000 https://vulnerability.circl.lu/sighting/251f5652-c81c-4e49-a4dd-08282cea25e0/export {"uuid": "251f5652-c81c-4e49-a4dd-08282cea25e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25953", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2219", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-25953\n\ud83d\udd39 Description: Code injection vulnerability in Drive Explorer for macOS versions 3.5.4 and earlier allows an attacker who can login to the client where the affected product is installed to inject arbitrary code while processing the product execution. Since a full disk access privilege is required to execute LINE WORKS Drive Explorer, the attacker may be able to read and/or write to arbitrary files without the access privileges.\n\ud83d\udccf Published: 2023-05-23T00:00:00\n\ud83d\udccf Modified: 2025-01-17T21:47:04.078Z\n\ud83d\udd17 References:\n1. https://line.worksmobile.com/jp/release-notes/20230216/\n2. https://jvn.jp/en/jp/JVN01937209/", "creation_timestamp": "2025-01-17T21:56:52.000000Z"} {"uuid": "251f5652-c81c-4e49-a4dd-08282cea25e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25953", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2219", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-25953\n\ud83d\udd39 Description: Code injection vulnerability in Drive Explorer for macOS versions 3.5.4 and earlier allows an attacker who can login to the client where the affected product is installed to inject arbitrary code while processing the product execution. Since a full disk access privilege is required to execute LINE WORKS Drive Explorer, the attacker may be able to read and/or write to arbitrary files without the access privileges.\n\ud83d\udccf Published: 2023-05-23T00:00:00\n\ud83d\udccf Modified: 2025-01-17T21:47:04.078Z\n\ud83d\udd17 References:\n1. https://line.worksmobile.com/jp/release-notes/20230216/\n2. https://jvn.jp/en/jp/JVN01937209/", "creation_timestamp": "2025-01-17T21:56:52.000000Z"} https://vulnerability.circl.lu/sighting/251f5652-c81c-4e49-a4dd-08282cea25e0/export Fri, 17 Jan 2025 21:56:52 +0000 https://vulnerability.circl.lu/sighting/9fcac149-701d-4533-8091-6f9511dbd0fd/export {"uuid": "9fcac149-701d-4533-8091-6f9511dbd0fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25955", "type": "seen", "source": "Telegram/R8-KR8G7DsglNzb08KPPvz8N2uLJSIkjLqINqDUtE3kqR69y", "content": "", "creation_timestamp": "2025-02-14T09:47:01.000000Z"} {"uuid": "9fcac149-701d-4533-8091-6f9511dbd0fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25955", "type": "seen", "source": "Telegram/R8-KR8G7DsglNzb08KPPvz8N2uLJSIkjLqINqDUtE3kqR69y", "content": "", "creation_timestamp": "2025-02-14T09:47:01.000000Z"} https://vulnerability.circl.lu/sighting/9fcac149-701d-4533-8091-6f9511dbd0fd/export Fri, 14 Feb 2025 09:47:01 +0000 https://vulnerability.circl.lu/sighting/5b2dfad6-eca3-44fd-ace8-eae20e772eb6/export {"uuid": "5b2dfad6-eca3-44fd-ace8-eae20e772eb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25950", "type": "seen", "source": "Telegram/yHU1OxJhpQpr_Zc36Hmmz5LvNQXVaqQIpP2SOA6pRjfooSGp", "content": "", "creation_timestamp": "2025-02-14T10:03:09.000000Z"} {"uuid": "5b2dfad6-eca3-44fd-ace8-eae20e772eb6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-25950", "type": "seen", "source": "Telegram/yHU1OxJhpQpr_Zc36Hmmz5LvNQXVaqQIpP2SOA6pRjfooSGp", "content": "", "creation_timestamp": "2025-02-14T10:03:09.000000Z"} https://vulnerability.circl.lu/sighting/5b2dfad6-eca3-44fd-ace8-eae20e772eb6/export Fri, 14 Feb 2025 10:03:09 +0000 https://vulnerability.circl.lu/sighting/aad87591-5771-4649-a7dd-c74d949c7b9e/export {"uuid": "aad87591-5771-4649-a7dd-c74d949c7b9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-25951", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"} {"uuid": "aad87591-5771-4649-a7dd-c74d949c7b9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-25951", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"} https://vulnerability.circl.lu/sighting/aad87591-5771-4649-a7dd-c74d949c7b9e/export Thu, 19 Mar 2026 00:00:00 +0000