https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-06-05T17:43:34.209024+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/c3bc8e67-8baf-48c9-a683-2e723d76d4f9/exportc3bc8e67-8baf-48c9-a683-2e723d76d4f92026-06-05T17:43:34.486358+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "c3bc8e67-8baf-48c9-a683-2e723d76d4f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24807", "type": "seen", "source": "https://t.me/cibsecurity/58341", "content": "\u203c CVE-2023-24807 \u203c\n\nUndici is an HTTP/1.1 client for Node.js. Prior to version 5.19.1, the `Headers.set()` and `Headers.append()` methods are vulnerable to Regular Expression Denial of Service (ReDoS) attacks when untrusted values are passed into the functions. This is due to the inefficient regular expression used to normalize the values in the `headerValueNormalize()` utility function. This vulnerability was patched in v5.19.1. No known workarounds are available.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-16T20:12:35.000000Z"}2023-02-16T20:12:35+00:00https://vulnerability.circl.lu/sighting/e568c6da-5e28-48c4-9aa0-d915915279d1/exporte568c6da-5e28-48c4-9aa0-d915915279d12026-06-05T17:43:34.486293+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "e568c6da-5e28-48c4-9aa0-d915915279d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24804", "type": "seen", "source": "https://t.me/androidMalware/1781", "content": "SQL injection vulnerabilities in Owncloud Android app - CVE-2023-24804, CVE-2023-23948\nThe Owncloud Android app uses content providers to manage its data. The provider FileContentProvider has SQL injection vulnerabilities that allow malicious applications or users in the same device to obtain internal information of the app\nhttps://securitylab.github.com/advisories/GHSL-2022-059_GHSL-2022-060_Owncloud_Android_app/", "creation_timestamp": "2023-02-17T00:09:16.000000Z"}2023-02-17T00:09:16+00:00https://vulnerability.circl.lu/sighting/3c69f258-db54-4cb6-abb7-67ed1d7de411/export3c69f258-db54-4cb6-abb7-67ed1d7de4112026-06-05T17:43:34.486227+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "3c69f258-db54-4cb6-abb7-67ed1d7de411", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24804", "type": "seen", "source": "https://t.me/thebugbountyhunter/7056", "content": "SQL injection vulnerabilities in Owncloud Android app - CVE-2023-24804, CVE-2023-23948\nThe Owncloud Android app uses content providers to manage its data. The provider FileContentProvider has SQL injection vulnerabilities that allow malicious applications or users in the same device to obtain internal information of the app\nhttps://securitylab.github.com/advisories/GHSL-2022-059_GHSL-2022-060_Owncloud_Android_app/", "creation_timestamp": "2023-02-17T03:23:35.000000Z"}2023-02-17T03:23:35+00:00https://vulnerability.circl.lu/sighting/7c6ce900-818b-45b6-9961-183a5ef0a66f/export7c6ce900-818b-45b6-9961-183a5ef0a66f2026-06-05T17:43:34.486159+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "7c6ce900-818b-45b6-9961-183a5ef0a66f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24804", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7828", "content": "#exploit\n1. Tips on how to write exploit scripts\nhttps://github.com/rizemon/exploit-writing-for-oswe\n\n2. Exploiting a SUID logic bug in readline\nhttps://blog.trailofbits.com/2023/02/16/suid-logic-bug-linux-readline\n\n3. CVE-2023-24804, CVE-2023-23948:\nSQL injection vulnerabilities in Owncloud Android app\nhttps://securitylab.github.com/advisories/GHSL-2022-059_GHSL-2022-060_Owncloud_Android_app", "creation_timestamp": "2023-02-26T15:28:42.000000Z"}2023-02-26T15:28:42+00:00https://vulnerability.circl.lu/sighting/a8ba2344-5c57-47f5-97d4-349cd8de6036/exporta8ba2344-5c57-47f5-97d4-349cd8de60362026-06-05T17:43:34.486095+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "a8ba2344-5c57-47f5-97d4-349cd8de6036", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24804", "type": "published-proof-of-concept", "source": "Telegram/uv1uFiDWKsOxGZBkwk8tIqSTL_hUcb07tN8YiiPHubAxEuU", "content": "", "creation_timestamp": "2023-02-27T18:37:22.000000Z"}2023-02-27T18:37:22+00:00https://vulnerability.circl.lu/sighting/ae21bb67-6976-4484-babe-d677c46384ca/exportae21bb67-6976-4484-babe-d677c46384ca2026-06-05T17:43:34.486027+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "ae21bb67-6976-4484-babe-d677c46384ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24808", "type": "seen", "source": "https://t.me/cibsecurity/60321", "content": "\u203c CVE-2023-28428 \u203c\n\nPDFio is a C library for reading and writing PDF files. In versions 1.1.0 and prior, a denial of service vulnerability exists in the pdfio parser. Crafted pdf files can cause the program to run at 100% utilization and never terminate. This is different from CVE-2023-24808. A patch for this issue is available in version 1.1.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-20T17:34:09.000000Z"}2023-03-20T17:34:09+00:00https://vulnerability.circl.lu/sighting/a6233710-eef2-49c5-a793-e6d0d099ddf4/exporta6233710-eef2-49c5-a793-e6d0d099ddf42026-06-05T17:43:34.485956+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "a6233710-eef2-49c5-a793-e6d0d099ddf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24800", "type": "seen", "source": "https://t.me/cibsecurity/61641", "content": "\u203c CVE-2023-24800 \u203c\n\nD-Link DIR878 DIR_878_FW120B05 was discovered to contain a stack overflow in the sub_495220 function. This vulnerability allows attackers to cause a Denial of Service (DoS) or execute arbitrary code via a crafted payload.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-07T07:27:17.000000Z"}2023-04-07T07:27:17+00:00https://vulnerability.circl.lu/sighting/51827f50-85d5-4368-90cb-ad8e15387a1c/export51827f50-85d5-4368-90cb-ad8e15387a1c2026-06-05T17:43:34.485877+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "51827f50-85d5-4368-90cb-ad8e15387a1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24805", "type": "seen", "source": "https://t.me/cibsecurity/64344", "content": "\u203c CVE-2023-24805 \u203c\n\ncups-filters contains backends, filters, and other software required to get the cups printing service working on operating systems other than macos. If you use the Backend Error Handler (beh) to create an accessible network printer, this security vulnerability can cause remote code execution. `beh.c` contains the line `retval = system(cmdline) >> 8;` which calls the `system` command with the operand `cmdline`. `cmdline` contains multiple user controlled, unsanitized values. As a result an attacker with network access to the hosted print server can exploit this vulnerability to inject system commands which are executed in the context of the running server. This issue has been addressed in commit `8f2740357` and is expected to be bundled in the next release. Users are advised to upgrade when possible and to restrict access to network printers in the meantime.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-17T22:33:02.000000Z"}2023-05-17T22:33:02+00:00https://vulnerability.circl.lu/sighting/192b3ce8-1876-4aba-8cd8-0f81ec85e34e/export192b3ce8-1876-4aba-8cd8-0f81ec85e34e2026-06-05T17:43:34.485774+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "192b3ce8-1876-4aba-8cd8-0f81ec85e34e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24800", "type": "seen", "source": "Telegram/f_lfHAL0_bFC5cY4X1DxzmLFkzpsggMZ9CRaSvxoLfQsvt_D", "content": "", "creation_timestamp": "2025-02-14T10:06:10.000000Z"}2025-02-14T10:06:10+00:00https://vulnerability.circl.lu/sighting/4c63a402-addd-4f35-864a-4a82f695346f/export4c63a402-addd-4f35-864a-4a82f695346f2026-06-05T17:43:34.483606+00:00Automation userhttps://cve.circl.lu/user/automation{"uuid": "4c63a402-addd-4f35-864a-4a82f695346f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24800", "type": "seen", "source": "Telegram/U3j_1nzLJaVjSuAFWynDxnq1XwH1ACTM7SzgpIi0EezNkQKv", "content": "", "creation_timestamp": "2025-02-14T10:08:10.000000Z"}2025-02-14T10:08:10+00:00