Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 29 Jun 2026 08:43:59 +0000 b86f0e86-f552-4cc7-8c84-f953444e5d03 https://vulnerability.circl.lu/sighting/b86f0e86-f552-4cc7-8c84-f953444e5d03/export {"uuid": "b86f0e86-f552-4cc7-8c84-f953444e5d03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31670", "type": "seen", "source": "https://t.me/cibsecurity/64600", "content": "\u203c CVE-2023-31670 \u203c\n\nAn issue in wasm2c 1.0.32, wasm2wat 1.0.32, wasm-decompile 1.0.32, and wasm-validate 1.0.32 allows attackers to cause a Denial of Service (DoS) via running a crafted binary.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-23T07:25:20.000000Z"} {"uuid": "b86f0e86-f552-4cc7-8c84-f953444e5d03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31670", "type": "seen", "source": "https://t.me/cibsecurity/64600", "content": "\u203c CVE-2023-31670 \u203c\n\nAn issue in wasm2c 1.0.32, wasm2wat 1.0.32, wasm-decompile 1.0.32, and wasm-validate 1.0.32 allows attackers to cause a Denial of Service (DoS) via running a crafted binary.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-23T07:25:20.000000Z"} https://vulnerability.circl.lu/sighting/b86f0e86-f552-4cc7-8c84-f953444e5d03/export Tue, 23 May 2023 07:25:20 +0000 197f698e-fb0f-47e3-913d-791e5a000fdd https://vulnerability.circl.lu/sighting/197f698e-fb0f-47e3-913d-791e5a000fdd/export {"uuid": "197f698e-fb0f-47e3-913d-791e5a000fdd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31671", "type": "seen", "source": "https://t.me/cibsecurity/65241", "content": "\u203c CVE-2023-31671 \u203c\n\nPrestaShop postfinance <= 17.1.13 is vulnerable to SQL Injection via PostfinanceValidationModuleFrontController::postProcess().\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-14T22:21:00.000000Z"} {"uuid": "197f698e-fb0f-47e3-913d-791e5a000fdd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31671", "type": "seen", "source": "https://t.me/cibsecurity/65241", "content": "\u203c CVE-2023-31671 \u203c\n\nPrestaShop postfinance <= 17.1.13 is vulnerable to SQL Injection via PostfinanceValidationModuleFrontController::postProcess().\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-14T22:21:00.000000Z"} https://vulnerability.circl.lu/sighting/197f698e-fb0f-47e3-913d-791e5a000fdd/export Wed, 14 Jun 2023 22:21:00 +0000 2d6ca70c-7240-4926-bd2f-131a0106d539 https://vulnerability.circl.lu/sighting/2d6ca70c-7240-4926-bd2f-131a0106d539/export {"uuid": "2d6ca70c-7240-4926-bd2f-131a0106d539", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3167", "type": "seen", "source": "https://t.me/arpsyndicate/2344", "content": "#ExploitObserverAlert\n\nCVE-2023-3167\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-3167. The Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an email subject in versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\nFIRST-EPSS: 0.000520000\nNVD-IS: 2.7\nNVD-ES: 2.8", "creation_timestamp": "2024-01-03T19:06:40.000000Z"} {"uuid": "2d6ca70c-7240-4926-bd2f-131a0106d539", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3167", "type": "seen", "source": "https://t.me/arpsyndicate/2344", "content": "#ExploitObserverAlert\n\nCVE-2023-3167\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-3167. The Mail Queue plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an email subject in versions up to, and including, 1.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\nFIRST-EPSS: 0.000520000\nNVD-IS: 2.7\nNVD-ES: 2.8", "creation_timestamp": "2024-01-03T19:06:40.000000Z"} https://vulnerability.circl.lu/sighting/2d6ca70c-7240-4926-bd2f-131a0106d539/export Wed, 03 Jan 2024 19:06:40 +0000 13fe8b37-6a71-473a-a874-b969f6b7014e https://vulnerability.circl.lu/sighting/13fe8b37-6a71-473a-a874-b969f6b7014e/export {"uuid": "13fe8b37-6a71-473a-a874-b969f6b7014e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31677", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2764", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-31677\n\ud83d\udd39 Description: Insecure permissions in luowice 3.5.18 allow attackers to view information for other alarm devices via modification of the eseeid parameter.\n\ud83d\udccf Published: 2023-05-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-01-23T17:00:18.884Z\n\ud83d\udd17 References:\n1. https://github.com/zzh-newlearner/record/blob/main/luowice.md", "creation_timestamp": "2025-01-23T17:03:01.000000Z"} {"uuid": "13fe8b37-6a71-473a-a874-b969f6b7014e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31677", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2764", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-31677\n\ud83d\udd39 Description: Insecure permissions in luowice 3.5.18 allow attackers to view information for other alarm devices via modification of the eseeid parameter.\n\ud83d\udccf Published: 2023-05-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-01-23T17:00:18.884Z\n\ud83d\udd17 References:\n1. https://github.com/zzh-newlearner/record/blob/main/luowice.md", "creation_timestamp": "2025-01-23T17:03:01.000000Z"} https://vulnerability.circl.lu/sighting/13fe8b37-6a71-473a-a874-b969f6b7014e/export Thu, 23 Jan 2025 17:03:01 +0000 0a261d33-f8b8-4336-b2b1-28b72e10b317 https://vulnerability.circl.lu/sighting/0a261d33-f8b8-4336-b2b1-28b72e10b317/export {"uuid": "0a261d33-f8b8-4336-b2b1-28b72e10b317", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31678", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2766", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-31678\n\ud83d\udd39 Description: Incorrect access control in Videogo v6.8.1 allows attackers to bind shared devices after the connection has been ended.\n\ud83d\udccf Published: 2023-05-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-01-23T16:55:56.106Z\n\ud83d\udd17 References:\n1. https://github.com/zzh-newlearner/record/blob/main/yingshi_devicekey.md", "creation_timestamp": "2025-01-23T17:03:03.000000Z"} {"uuid": "0a261d33-f8b8-4336-b2b1-28b72e10b317", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31678", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2766", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-31678\n\ud83d\udd39 Description: Incorrect access control in Videogo v6.8.1 allows attackers to bind shared devices after the connection has been ended.\n\ud83d\udccf Published: 2023-05-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-01-23T16:55:56.106Z\n\ud83d\udd17 References:\n1. https://github.com/zzh-newlearner/record/blob/main/yingshi_devicekey.md", "creation_timestamp": "2025-01-23T17:03:03.000000Z"} https://vulnerability.circl.lu/sighting/0a261d33-f8b8-4336-b2b1-28b72e10b317/export Thu, 23 Jan 2025 17:03:03 +0000 77acb0f1-80be-485c-959e-5f684f0d519d https://vulnerability.circl.lu/sighting/77acb0f1-80be-485c-959e-5f684f0d519d/export {"uuid": "77acb0f1-80be-485c-959e-5f684f0d519d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31679", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2771", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-31679\n\ud83d\udd39 Description: Incorrect access control in Videogo v6.8.1 allows attackers to access images from other devices via modification of the Device Id parameter.\n\ud83d\udccf Published: 2023-05-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-01-23T16:52:07.548Z\n\ud83d\udd17 References:\n1. https://github.com/zzh-newlearner/record/blob/main/yingshi_privacy.md", "creation_timestamp": "2025-01-23T17:03:10.000000Z"} {"uuid": "77acb0f1-80be-485c-959e-5f684f0d519d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31679", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2771", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-31679\n\ud83d\udd39 Description: Incorrect access control in Videogo v6.8.1 allows attackers to access images from other devices via modification of the Device Id parameter.\n\ud83d\udccf Published: 2023-05-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-01-23T16:52:07.548Z\n\ud83d\udd17 References:\n1. https://github.com/zzh-newlearner/record/blob/main/yingshi_privacy.md", "creation_timestamp": "2025-01-23T17:03:10.000000Z"} https://vulnerability.circl.lu/sighting/77acb0f1-80be-485c-959e-5f684f0d519d/export Thu, 23 Jan 2025 17:03:10 +0000 a9f873ad-9e5c-42c7-be50-de76265a1062 https://vulnerability.circl.lu/sighting/a9f873ad-9e5c-42c7-be50-de76265a1062/export {"uuid": "a9f873ad-9e5c-42c7-be50-de76265a1062", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31670", "type": "seen", "source": "Telegram/duLKQleybirdQN-6JeJZWtzUMlq22w4GzKfTdJJW1CVfiGUd", "content": "", "creation_timestamp": "2025-02-01T17:28:10.000000Z"} {"uuid": "a9f873ad-9e5c-42c7-be50-de76265a1062", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31670", "type": "seen", "source": "Telegram/duLKQleybirdQN-6JeJZWtzUMlq22w4GzKfTdJJW1CVfiGUd", "content": "", "creation_timestamp": "2025-02-01T17:28:10.000000Z"} https://vulnerability.circl.lu/sighting/a9f873ad-9e5c-42c7-be50-de76265a1062/export Sat, 01 Feb 2025 17:28:10 +0000