<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Thu, 09 Jul 2026 08:03:31 +0000</lastBuildDate>
    <item>
      <title>351e8e05-c800-4917-abc3-2358a1633bd1</title>
      <link>https://vulnerability.circl.lu/sighting/351e8e05-c800-4917-abc3-2358a1633bd1/export</link>
      <description>{"uuid": "351e8e05-c800-4917-abc3-2358a1633bd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36812", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}</description>
      <content:encoded>{"uuid": "351e8e05-c800-4917-abc3-2358a1633bd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36812", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:01.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/351e8e05-c800-4917-abc3-2358a1633bd1/export</guid>
      <pubDate>Thu, 23 Oct 2025 21:13:01 +0000</pubDate>
    </item>
    <item>
      <title>c2b74715-a106-4e1b-bd2a-e907ba7e5735</title>
      <link>https://vulnerability.circl.lu/sighting/c2b74715-a106-4e1b-bd2a-e907ba7e5735/export</link>
      <description>{"uuid": "c2b74715-a106-4e1b-bd2a-e907ba7e5735", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36812", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:55.000000Z"}</description>
      <content:encoded>{"uuid": "c2b74715-a106-4e1b-bd2a-e907ba7e5735", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36812", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:55.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/c2b74715-a106-4e1b-bd2a-e907ba7e5735/export</guid>
      <pubDate>Sun, 23 Feb 2025 04:10:55 +0000</pubDate>
    </item>
    <item>
      <title>71d7c2f9-b1b7-457a-98ea-05a91d00ac7f</title>
      <link>https://vulnerability.circl.lu/sighting/71d7c2f9-b1b7-457a-98ea-05a91d00ac7f/export</link>
      <description>{"uuid": "71d7c2f9-b1b7-457a-98ea-05a91d00ac7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36812", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}</description>
      <content:encoded>{"uuid": "71d7c2f9-b1b7-457a-98ea-05a91d00ac7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36812", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/71d7c2f9-b1b7-457a-98ea-05a91d00ac7f/export</guid>
      <pubDate>Thu, 06 Feb 2025 03:13:46 +0000</pubDate>
    </item>
    <item>
      <title>0420520c-5c61-4e90-b092-1492cec9b48d</title>
      <link>https://vulnerability.circl.lu/sighting/0420520c-5c61-4e90-b092-1492cec9b48d/export</link>
      <description>{"uuid": "0420520c-5c61-4e90-b092-1492cec9b48d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36812", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3201", "content": "Hackers Factory \n\nA collection of resources for linux reverse engineering\n\nhttps://github.com/michalmalik/linux-re-101\n\nA tool for checking the security hardening options of the Linux kernel\n\nhttps://github.com/a13xp0p0v/kernel-hardening-checker\n\nA tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects in the domain.\n\nhttps://github.com/ShorSec/ShadowSpray\n\nEXP for CVE-2023-28434 MinIO unauthorized to RCE\n\nhttps://github.com/AbelChe/evil_minio\n\nThis is a Proof of Concept (PoC) for CVE-2023-3244, a vulnerability in comment-like-dislike. The PoC demonstrates the exploitability of this vulnerability and serves as a reference for security researchers and developers to better understand and mitigate the risk associated with this issue.\n\nhttps://github.com/drnull03/POC-CVE-2023-3244\n\nNextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix\n\nhttps://github.com/Nextdoor/cspm_evaluation_matrix\n\nMass Exploit - CVE-2023-1698 &amp;lt; Unauthenticated Remote Command Execution\n\nhttps://github.com/codeb0ss/CVE-2023-1698-PoC\n\nPassive subdomain continous monitoring tool\n\nhttps://github.com/e1abrador/sub.Monitor\n\nAn exploit for OpenTSDB &amp;lt;= 2.4.1 cmd injection (CVE-2023-36812/CVE-2023-25826) written in Fortran\n\nhttps://github.com/ErikWynter/opentsdb_key_cmd_injection\n\nA collection of awesome one-liners for bug bounty hunting.\n\nhttps://github.com/0xPugazh/One-Liners\n\nThis is a useful Python script for extracting bug bounty.\n\nhttps://github.com/St74nger/writeup-miner\n\nThis repository serves as a comprehensive collection of essential wordlists utilized by bug hunters, penetration testers, and security enthusiasts during their reconnaissance and vulnerability assessment processes.\n\nhttps://github.com/bhavesh-pardhi/Wordlist-Hub\n\nKQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules &amp;amp; Hunting Rules.\n\nhttps://github.com/Bert-JanP/Hunting-Queries-Detection-Rules\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-10-23T21:34:09.000000Z"}</description>
      <content:encoded>{"uuid": "0420520c-5c61-4e90-b092-1492cec9b48d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36812", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3201", "content": "Hackers Factory \n\nA collection of resources for linux reverse engineering\n\nhttps://github.com/michalmalik/linux-re-101\n\nA tool for checking the security hardening options of the Linux kernel\n\nhttps://github.com/a13xp0p0v/kernel-hardening-checker\n\nA tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects in the domain.\n\nhttps://github.com/ShorSec/ShadowSpray\n\nEXP for CVE-2023-28434 MinIO unauthorized to RCE\n\nhttps://github.com/AbelChe/evil_minio\n\nThis is a Proof of Concept (PoC) for CVE-2023-3244, a vulnerability in comment-like-dislike. The PoC demonstrates the exploitability of this vulnerability and serves as a reference for security researchers and developers to better understand and mitigate the risk associated with this issue.\n\nhttps://github.com/drnull03/POC-CVE-2023-3244\n\nNextdoor's Cloud Security Posture Management (CSPM) Evaluation Matrix\n\nhttps://github.com/Nextdoor/cspm_evaluation_matrix\n\nMass Exploit - CVE-2023-1698 &amp;lt; Unauthenticated Remote Command Execution\n\nhttps://github.com/codeb0ss/CVE-2023-1698-PoC\n\nPassive subdomain continous monitoring tool\n\nhttps://github.com/e1abrador/sub.Monitor\n\nAn exploit for OpenTSDB &amp;lt;= 2.4.1 cmd injection (CVE-2023-36812/CVE-2023-25826) written in Fortran\n\nhttps://github.com/ErikWynter/opentsdb_key_cmd_injection\n\nA collection of awesome one-liners for bug bounty hunting.\n\nhttps://github.com/0xPugazh/One-Liners\n\nThis is a useful Python script for extracting bug bounty.\n\nhttps://github.com/St74nger/writeup-miner\n\nThis repository serves as a comprehensive collection of essential wordlists utilized by bug hunters, penetration testers, and security enthusiasts during their reconnaissance and vulnerability assessment processes.\n\nhttps://github.com/bhavesh-pardhi/Wordlist-Hub\n\nKQL Queries. Defender For Endpoint and Azure Sentinel Hunting and Detection Queries in KQL. Out of the box KQL queries for: Advanced Hunting, Custom Detection, Analytics Rules &amp;amp; Hunting Rules.\n\nhttps://github.com/Bert-JanP/Hunting-Queries-Detection-Rules\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-10-23T21:34:09.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/0420520c-5c61-4e90-b092-1492cec9b48d/export</guid>
      <pubDate>Mon, 23 Oct 2023 21:34:09 +0000</pubDate>
    </item>
    <item>
      <title>962fe49f-257e-4655-b7bf-a3bbdd7ccfbb</title>
      <link>https://vulnerability.circl.lu/sighting/962fe49f-257e-4655-b7bf-a3bbdd7ccfbb/export</link>
      <description>{"uuid": "962fe49f-257e-4655-b7bf-a3bbdd7ccfbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36812", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3187", "content": "Hackers Factory \n\nA fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests\n\nhttps://github.com/projectdiscovery/naabu\n\nA collection of phishing samples for researchers and detection developers.\n\nhttps://github.com/rf-peixoto/phishing_pot\n\nPassive subdomain continous monitoring tool.\n\nhttps://github.com/e1abrador/sub.Monitor\n\nSecurity scanner for your Terraform code\n\nhttps://github.com/aquasecurity/tfsec\n\nDetect and remediate misconfigurations and security risks across all your GitHub and GitLab assets\n\nhttps://github.com/Legit-Labs/legitify\n\nStreamline your recon and vulnerability detection process with SCRIPTKIDDI3, A recon and initial vulnerability detection tool built using shell script and open source tools.\n\nhttps://github.com/thecyberneh/scriptkiddi3\n\nUseful resources for SOC Analyst and SOC Analyst candidates.\n\nhttps://github.com/LetsDefend/awesome-soc-analyst\n\nXML-RPC Vulnerability Checker and Directory Fuzzer\n\nhttps://github.com/MINAD0/XML-RPC-Check\n\nA Python-based tool to detect the CVE-2023-30943 vulnerability in Moodle, which allows unauthorized folder creation via specially crafted requests in TinyMCE loaders.\n\nhttps://github.com/Chocapikk/CVE-2023-30943\n\nAn exploit for OpenTSDB &amp;lt;= 2.4.1 cmd injection (CVE-2023-36812/CVE-2023-25826) written in Fortran\n\nhttps://github.com/ErikWynter/opentsdb_key_cmd_injection\n\nNotepad++ heap buffer overflow vulnerability CVE-2023-40031 analysis and reproduction\n\nhttps://github.com/webraybtl/CVE-2023-40031\n\nPMP-Decrypter. This is a tool to decrypt the encrypted password strings in \"Patch My PC\"\n\nhttps://github.com/LuemmelSec/PMP-Decrypter\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-09-10T12:01:22.000000Z"}</description>
      <content:encoded>{"uuid": "962fe49f-257e-4655-b7bf-a3bbdd7ccfbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36812", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3187", "content": "Hackers Factory \n\nA fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests\n\nhttps://github.com/projectdiscovery/naabu\n\nA collection of phishing samples for researchers and detection developers.\n\nhttps://github.com/rf-peixoto/phishing_pot\n\nPassive subdomain continous monitoring tool.\n\nhttps://github.com/e1abrador/sub.Monitor\n\nSecurity scanner for your Terraform code\n\nhttps://github.com/aquasecurity/tfsec\n\nDetect and remediate misconfigurations and security risks across all your GitHub and GitLab assets\n\nhttps://github.com/Legit-Labs/legitify\n\nStreamline your recon and vulnerability detection process with SCRIPTKIDDI3, A recon and initial vulnerability detection tool built using shell script and open source tools.\n\nhttps://github.com/thecyberneh/scriptkiddi3\n\nUseful resources for SOC Analyst and SOC Analyst candidates.\n\nhttps://github.com/LetsDefend/awesome-soc-analyst\n\nXML-RPC Vulnerability Checker and Directory Fuzzer\n\nhttps://github.com/MINAD0/XML-RPC-Check\n\nA Python-based tool to detect the CVE-2023-30943 vulnerability in Moodle, which allows unauthorized folder creation via specially crafted requests in TinyMCE loaders.\n\nhttps://github.com/Chocapikk/CVE-2023-30943\n\nAn exploit for OpenTSDB &amp;lt;= 2.4.1 cmd injection (CVE-2023-36812/CVE-2023-25826) written in Fortran\n\nhttps://github.com/ErikWynter/opentsdb_key_cmd_injection\n\nNotepad++ heap buffer overflow vulnerability CVE-2023-40031 analysis and reproduction\n\nhttps://github.com/webraybtl/CVE-2023-40031\n\nPMP-Decrypter. This is a tool to decrypt the encrypted password strings in \"Patch My PC\"\n\nhttps://github.com/LuemmelSec/PMP-Decrypter\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-09-10T12:01:22.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/962fe49f-257e-4655-b7bf-a3bbdd7ccfbb/export</guid>
      <pubDate>Sun, 10 Sep 2023 12:01:22 +0000</pubDate>
    </item>
    <item>
      <title>b3ca7d8a-a434-49dd-9b17-806f4a68a02d</title>
      <link>https://vulnerability.circl.lu/sighting/b3ca7d8a-a434-49dd-9b17-806f4a68a02d/export</link>
      <description>{"uuid": "b3ca7d8a-a434-49dd-9b17-806f4a68a02d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36812", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/opentsdb_key_cmd_injection.rb", "content": "", "creation_timestamp": "2023-09-08T16:06:04.000000Z"}</description>
      <content:encoded>{"uuid": "b3ca7d8a-a434-49dd-9b17-806f4a68a02d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36812", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/linux/http/opentsdb_key_cmd_injection.rb", "content": "", "creation_timestamp": "2023-09-08T16:06:04.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b3ca7d8a-a434-49dd-9b17-806f4a68a02d/export</guid>
      <pubDate>Fri, 08 Sep 2023 16:06:04 +0000</pubDate>
    </item>
    <item>
      <title>7975cb88-5e6c-4e20-9ed7-6fa40d799da8</title>
      <link>https://vulnerability.circl.lu/sighting/7975cb88-5e6c-4e20-9ed7-6fa40d799da8/export</link>
      <description>{"uuid": "7975cb88-5e6c-4e20-9ed7-6fa40d799da8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36812", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5101", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aAn exploit for OpenTSDB &amp;lt;= 2.4.1 cmd injection (CVE-2023-36812/CVE-2023-25826) written in Fortran\nURL\uff1ahttps://github.com/ErikWynter/opentsdb_key_cmd_injection\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-07T14:30:28.000000Z"}</description>
      <content:encoded>{"uuid": "7975cb88-5e6c-4e20-9ed7-6fa40d799da8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36812", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5101", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aAn exploit for OpenTSDB &amp;lt;= 2.4.1 cmd injection (CVE-2023-36812/CVE-2023-25826) written in Fortran\nURL\uff1ahttps://github.com/ErikWynter/opentsdb_key_cmd_injection\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-07T14:30:28.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/7975cb88-5e6c-4e20-9ed7-6fa40d799da8/export</guid>
      <pubDate>Thu, 07 Sep 2023 14:30:28 +0000</pubDate>
    </item>
    <item>
      <title>85183073-aa8c-44bd-8734-9f299655174c</title>
      <link>https://vulnerability.circl.lu/sighting/85183073-aa8c-44bd-8734-9f299655174c/export</link>
      <description>{"uuid": "85183073-aa8c-44bd-8734-9f299655174c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36811", "type": "seen", "source": "https://t.me/cibsecurity/69481", "content": "\u203c CVE-2023-36811 \u203c\n\nborgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an attacker to be able to: 1. insert files (with no additional headers) into backups and 2. gain write access to the repository. This vulnerability does not disclose plaintext to the attacker, nor does it affect the authenticity of existing archives. Creating plausible fake archives may be feasible for empty or small archives, but is unlikely for large archives. The issue has been fixed in borgbackup 1.2.5. Users are advised to upgrade. Additionally to installing the fixed code, users must follow the upgrade procedure as documented in the change log. Data loss after being attacked can be avoided by reviewing the archives (timestamp and contents valid and as expected) after any \"borg check --repair\" and before \"borg prune\". There are no known workarounds for this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-30T22:12:19.000000Z"}</description>
      <content:encoded>{"uuid": "85183073-aa8c-44bd-8734-9f299655174c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36811", "type": "seen", "source": "https://t.me/cibsecurity/69481", "content": "\u203c CVE-2023-36811 \u203c\n\nborgbackup is an opensource, deduplicating archiver with compression and authenticated encryption. A flaw in the cryptographic authentication scheme in borgbackup allowed an attacker to fake archives and potentially indirectly cause backup data loss in the repository. The attack requires an attacker to be able to: 1. insert files (with no additional headers) into backups and 2. gain write access to the repository. This vulnerability does not disclose plaintext to the attacker, nor does it affect the authenticity of existing archives. Creating plausible fake archives may be feasible for empty or small archives, but is unlikely for large archives. The issue has been fixed in borgbackup 1.2.5. Users are advised to upgrade. Additionally to installing the fixed code, users must follow the upgrade procedure as documented in the change log. Data loss after being attacked can be avoided by reviewing the archives (timestamp and contents valid and as expected) after any \"borg check --repair\" and before \"borg prune\". There are no known workarounds for this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-30T22:12:19.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/85183073-aa8c-44bd-8734-9f299655174c/export</guid>
      <pubDate>Wed, 30 Aug 2023 22:12:19 +0000</pubDate>
    </item>
    <item>
      <title>af30823d-3cc4-46dc-a8d1-fc8e545a4ef2</title>
      <link>https://vulnerability.circl.lu/sighting/af30823d-3cc4-46dc-a8d1-fc8e545a4ef2/export</link>
      <description>{"uuid": "af30823d-3cc4-46dc-a8d1-fc8e545a4ef2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36818", "type": "seen", "source": "https://t.me/cibsecurity/66763", "content": "\u203c CVE-2023-36818 \u203c\n\nDiscourse is an open source discussion platform. In affected versions a request to create or update custom sidebar section can cause a denial of service. This issue has been patched in commit `52b003d915`. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-15T02:22:41.000000Z"}</description>
      <content:encoded>{"uuid": "af30823d-3cc4-46dc-a8d1-fc8e545a4ef2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36818", "type": "seen", "source": "https://t.me/cibsecurity/66763", "content": "\u203c CVE-2023-36818 \u203c\n\nDiscourse is an open source discussion platform. In affected versions a request to create or update custom sidebar section can cause a denial of service. This issue has been patched in commit `52b003d915`. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-15T02:22:41.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/af30823d-3cc4-46dc-a8d1-fc8e545a4ef2/export</guid>
      <pubDate>Sat, 15 Jul 2023 02:22:41 +0000</pubDate>
    </item>
    <item>
      <title>ef8e9708-32a0-4481-a142-acf7595293ab</title>
      <link>https://vulnerability.circl.lu/sighting/ef8e9708-32a0-4481-a142-acf7595293ab/export</link>
      <description>{"uuid": "ef8e9708-32a0-4481-a142-acf7595293ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36812", "type": "published-proof-of-concept", "source": "https://t.me/hunter4good/196", "content": "https://twitter.com/HunterMapping/status/1676168986189340672\n\ud83d\udea8Alert\ud83d\udea8 CVE-2023-36812 #OpenTSDB #RCE vulnerability\n\n\ud83d\udcce https://hunter.how/list?searchValue=favicon_hash%3D%227f4338a0648aaefcdb73240e8420387b%22\n\n1\u20e3 FOFA: icon_hash=\"407286339\"\n2\u20e3 Shodan: http.favicon.hash:407286339\n\nRefer to: \nhttps://securityonline.info/cve-2023-36812-opentsdb-faces-high-risk-security-vulnerability/\nhttps://github.com/OpenTSDB/opentsdb/issues/2261", "creation_timestamp": "2023-07-04T12:53:30.000000Z"}</description>
      <content:encoded>{"uuid": "ef8e9708-32a0-4481-a142-acf7595293ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36812", "type": "published-proof-of-concept", "source": "https://t.me/hunter4good/196", "content": "https://twitter.com/HunterMapping/status/1676168986189340672\n\ud83d\udea8Alert\ud83d\udea8 CVE-2023-36812 #OpenTSDB #RCE vulnerability\n\n\ud83d\udcce https://hunter.how/list?searchValue=favicon_hash%3D%227f4338a0648aaefcdb73240e8420387b%22\n\n1\u20e3 FOFA: icon_hash=\"407286339\"\n2\u20e3 Shodan: http.favicon.hash:407286339\n\nRefer to: \nhttps://securityonline.info/cve-2023-36812-opentsdb-faces-high-risk-security-vulnerability/\nhttps://github.com/OpenTSDB/opentsdb/issues/2261", "creation_timestamp": "2023-07-04T12:53:30.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/ef8e9708-32a0-4481-a142-acf7595293ab/export</guid>
      <pubDate>Tue, 04 Jul 2023 12:53:30 +0000</pubDate>
    </item>
  </channel>
</rss>
