<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-08T12:03:44.103640+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/31818440-7766-441c-8388-da90752796ad/export</id>
    <title>31818440-7766-441c-8388-da90752796ad</title>
    <updated>2026-07-08T12:03:44.132061+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "31818440-7766-441c-8388-da90752796ad", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38014", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/4c65da3e-8b2b-4a41-9d7f-13409ae76bf2", "content": "", "creation_timestamp": "2026-06-23T14:05:57.808591Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/31818440-7766-441c-8388-da90752796ad/export"/>
    <published>2026-06-23T14:05:57.808591+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/97e9ff1b-d1d6-4788-ba81-df44c0edbc5c/export</id>
    <title>97e9ff1b-d1d6-4788-ba81-df44c0edbc5c</title>
    <updated>2026-07-08T12:03:44.134814+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "97e9ff1b-d1d6-4788-ba81-df44c0edbc5c", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38014", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/60b3ea31-8119-4ea6-a1c1-84ab59e17fd2", "content": "", "creation_timestamp": "2026-06-19T12:46:35.440793Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/97e9ff1b-d1d6-4788-ba81-df44c0edbc5c/export"/>
    <published>2026-06-19T12:46:35.440793+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ae175c35-e31c-403e-b8bd-7f90ed16ccf9/export</id>
    <title>ae175c35-e31c-403e-b8bd-7f90ed16ccf9</title>
    <updated>2026-07-08T12:03:44.134896+00:00</updated>
    <author>
      <name>Cédric Bonhomme</name>
      <uri>https://cve.circl.lu/user/cedric</uri>
    </author>
    <content>{"uuid": "ae175c35-e31c-403e-b8bd-7f90ed16ccf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-38014", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b40317e0-827e-49f6-9d88-4c6df33e8ca4", "content": "", "creation_timestamp": "2026-02-02T12:26:29.473448Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ae175c35-e31c-403e-b8bd-7f90ed16ccf9/export"/>
    <published>2026-02-02T12:26:29.473448+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3285a5ac-4c37-4c84-abd0-519f49dc588d/export</id>
    <title>3285a5ac-4c37-4c84-abd0-519f49dc588d</title>
    <updated>2026-07-08T12:03:44.135606+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3285a5ac-4c37-4c84-abd0-519f49dc588d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38014", "type": "published-proof-of-concept", "source": "Telegram/nMin041tCAky5Yc3vPV1PqzfXK90u6qblSscFk3GxUjBAFA", "content": "", "creation_timestamp": "2025-03-06T22:00:05.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3285a5ac-4c37-4c84-abd0-519f49dc588d/export"/>
    <published>2025-03-06T22:00:05+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/4ee6e3fb-6f64-4b7a-bd41-16e6141e4b03/export</id>
    <title>4ee6e3fb-6f64-4b7a-bd41-16e6141e4b03</title>
    <updated>2026-07-08T12:03:44.135678+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "4ee6e3fb-6f64-4b7a-bd41-16e6141e4b03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38014", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:59.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/4ee6e3fb-6f64-4b7a-bd41-16e6141e4b03/export"/>
    <published>2025-02-23T02:10:59+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/df85bac1-8f32-4889-b815-32bad2bdb684/export</id>
    <title>df85bac1-8f32-4889-b815-32bad2bdb684</title>
    <updated>2026-07-08T12:03:44.135742+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "df85bac1-8f32-4889-b815-32bad2bdb684", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38014", "type": "published-proof-of-concept", "source": "https://t.me/ap_security/709", "content": "#pentest  #tools\n\nCVE-2024-38014\n\nCVE-2024-38014 \u2014 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Windows Installer, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043f\u043e\u0432\u044b\u0448\u0430\u0442\u044c \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0438 \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u0434\u043e \u0443\u0440\u043e\u0432\u043d\u044f SYSTEM.\n\u041e\u0446\u0435\u043d\u043a\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 CVSS 3.1 \u2014 7.8 \u0431\u0430\u043b\u043b\u043e\u0432.\n\n\u0412 \u043f\u0440\u0435\u0434\u043b\u043e\u0436\u0435\u043d\u043d\u043e\u0439 \u0441\u0442\u0430\u0442\u044c\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d \u0440\u0430\u0437\u0431\u043e\u0440 \u0434\u0430\u043d\u043d\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438.\n\n\u0422\u0430\u043a\u0436\u0435 \u043c\u0435\u0441\u044f\u0446 \u043d\u0430\u0437\u0430\u0434 \u043f\u043e\u044f\u0432\u0438\u043b\u0441\u044f \u0438\u043d\u0441\u0442\u0440\u0443\u043c\u0435\u043d\u0442 ( \u043f\u043e\u043a\u0430 \u0435\u0449\u0451 \u0441\u044b\u0440\u043e\u0432\u0430\u0442\u044b\u0439 ), \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0438\u0439 \u0441\u0434\u0435\u043b\u0430\u0442\u044c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0451\u043d\u043d\u0443\u044e \u043e\u0446\u0435\u043d\u043a\u0443 \u043f\u043e\u0434\u0432\u0435\u0440\u0436\u0435\u043d\u043d\u043e\u0441\u0442\u0438 \u0430\u0442\u0430\u043a\u0435.", "creation_timestamp": "2024-10-21T05:12:13.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/df85bac1-8f32-4889-b815-32bad2bdb684/export"/>
    <published>2024-10-21T05:12:13+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/58da2536-10b4-4f79-aca0-c3e50843eba5/export</id>
    <title>58da2536-10b4-4f79-aca0-c3e50843eba5</title>
    <updated>2026-07-08T12:03:44.135812+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "58da2536-10b4-4f79-aca0-c3e50843eba5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38014", "type": "seen", "source": "https://t.me/InfoSecInsider/302", "content": "Tools - Hackers Factory \n\nWrite-up of a malware analysis of an #opendir python code.\n\nOpen Dir -&amp;gt; Obfuscated Python -&amp;gt; DONUT Launcher -&amp;gt; XWorm\n\nhttps://github.com/lasq88/MalwareAnalysis/blob/main/writeups/xworm/xworm.md\n\nWhatsApp-extension-manipulation-PoC\n\nhttps://github.com/0x6rss/WhatsApp-extension-manipulation-PoC/blob/main/wp.py\n\nThe simulation includes written tools, C2 servers, backdoors, exploitation techniques, stagers, bootloaders, and many other tools.\n\nHttps://github.com/S3N4T0R-0X0/APT-Attack-Simulation\n\nIvanti EPM AgentPortal RCE Vulnerability\n https://github.com/horizon3ai/CVE-2024-29847\n\nCVE-2024-29847: Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution.\n\nhttps://github.com/horizon3ai/CVE-2024-29847\n\nCVE-2024-38014: Windows Installer Elevation of Privilege Vulnerability.\n\nhttps://github.com/sec-consult/msiscan?tab=readme-ov-file\n\nCVE-2024-30051: Windows DWM Core Library Elevation of Privilege Vulnerability.\n\nhttps://github.com/fortra/CVE-2024-30051?tab=readme-ov-file\n\nDecrypt GlobalProtect configuration and cookie files.\n https://github.com/rotarydrone/GlobalUnProtect\n\nSniffnet\n\nApplication to comfortably monitor your Internet traffic\n\nhttps://github.com/GyulyVGC/sniffnet\n\nParse FFUF results in GUI with option to sort based on response code, size, keyword\n\nhttps://github.com/VikzSharma/ffufwebparser\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-16T08:01:25.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/58da2536-10b4-4f79-aca0-c3e50843eba5/export"/>
    <published>2024-10-16T08:01:25+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/320e1735-b870-4eb9-a5df-4d365f4d734c/export</id>
    <title>320e1735-b870-4eb9-a5df-4d365f4d734c</title>
    <updated>2026-07-08T12:03:44.135884+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "320e1735-b870-4eb9-a5df-4d365f4d734c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38014", "type": "exploited", "source": "Telegram/xUYPQjUp4GMzJzxCxVPxpmX_pz2X3ri3FoNz3_tdQbrrGXw", "content": "", "creation_timestamp": "2024-09-24T18:11:53.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/320e1735-b870-4eb9-a5df-4d365f4d734c/export"/>
    <published>2024-09-24T18:11:53+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/1bd826ae-18cb-4c53-babc-66f90920e478/export</id>
    <title>1bd826ae-18cb-4c53-babc-66f90920e478</title>
    <updated>2026-07-08T12:03:44.135944+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "1bd826ae-18cb-4c53-babc-66f90920e478", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38014", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2024-09-20T18:10:03.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/1bd826ae-18cb-4c53-babc-66f90920e478/export"/>
    <published>2024-09-20T18:10:03+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/f20fb952-e545-4053-ba29-4093fa9a7926/export</id>
    <title>f20fb952-e545-4053-ba29-4093fa9a7926</title>
    <updated>2026-07-08T12:03:44.136003+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "f20fb952-e545-4053-ba29-4093fa9a7926", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-38016", "type": "seen", "source": "https://t.me/cvedetector/6066", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-38016 - Visio Multiple File Format Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-38016 \nPublished : Sept. 19, 2024, 5:15 p.m. | 44\u00a0minutes ago \nDescription : Microsoft Office Visio Remote Code Execution Vulnerability \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-19T20:20:25.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/f20fb952-e545-4053-ba29-4093fa9a7926/export"/>
    <published>2024-09-19T20:20:25+00:00</published>
  </entry>
</feed>
