Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 04 Jun 2026 14:12:39 +0000 dc19982b-2a33-402e-af6f-135a636baefc https://vulnerability.circl.lu/sighting/dc19982b-2a33-402e-af6f-135a636baefc/export {"uuid": "dc19982b-2a33-402e-af6f-135a636baefc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-28914", "type": "seen", "source": "https://t.me/cibsecurity/16488", "content": "\u203c CVE-2020-28914 \u203c\n\nAn improper file permissions vulnerability affects Kata Containers prior to 1.11.5. When using a Kubernetes hostPath volume and mounting either a file or directory into a container as readonly, the file/directory is mounted as readOnly inside the container, but is still writable inside the guest. For a container breakout situation, a malicious guest can potentially modify or delete files/directories expected to be read-only.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-18T00:39:35.000000Z"} {"uuid": "dc19982b-2a33-402e-af6f-135a636baefc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-28914", "type": "seen", "source": "https://t.me/cibsecurity/16488", "content": "\u203c CVE-2020-28914 \u203c\n\nAn improper file permissions vulnerability affects Kata Containers prior to 1.11.5. When using a Kubernetes hostPath volume and mounting either a file or directory into a container as readonly, the file/directory is mounted as readOnly inside the container, but is still writable inside the guest. For a container breakout situation, a malicious guest can potentially modify or delete files/directories expected to be read-only.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-18T00:39:35.000000Z"} https://vulnerability.circl.lu/sighting/dc19982b-2a33-402e-af6f-135a636baefc/export Wed, 18 Nov 2020 00:39:35 +0000 3ac68471-1ab4-466e-9a05-14abc2ef1fc8 https://vulnerability.circl.lu/sighting/3ac68471-1ab4-466e-9a05-14abc2ef1fc8/export {"uuid": "3ac68471-1ab4-466e-9a05-14abc2ef1fc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-28914", "type": "seen", "source": "https://t.me/bhhub/44", "content": "#BugBountyTips of the Day\n#Bugbounty I just got a P2 Accepted on @GoogleVRP, RCE as root in a Google's acquisition, fingers crossed #infosec https://t.co/4eZXBUeXlw\n---\nAtlassian agreed to publicly disclose my report which resulted in CVE-2020-28914 against @katacontainers, and netted my second largest bounty ever! Thanks to @Atlassian and @Bugcrowd \ud83d\ude0e #BugBounty https://t.co/WsGayUzsqs\n---\nNew Video alert\ud83d\udea8! This week we're covering another type of API, GraphQL! GraphQL is a new tech so it's full of bugs, and actually really simple bugs\ud83d\ude2c. The difficult part of GQL is the syntax not the complex bugs, check it out! https://t.co/n0HxSMeVls #BugBounty #bugbountytips https://t.co/Lx9U4xiGG0\n---\nIt's released! galer \u2014 A fast tool to fetch URLs from HTML attributes by crawl-in. Inspired by the @omespino Tweet. See https://t.co/8AlV5FuGQ7 #go #golang #spider #crawler #bugbounty #bugbountytips\n---\nI'm very pleased to announce, that I have chosen as a @Hacker0x01 Ambassador. \ud83e\udd73\ud83d\ude07 Thank you so much for this wonderful opportunity HackerOne. #hackerone #bugbounty #infosec #togetherwehitharder", "creation_timestamp": "2020-12-03T13:37:04.000000Z"} {"uuid": "3ac68471-1ab4-466e-9a05-14abc2ef1fc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-28914", "type": "seen", "source": "https://t.me/bhhub/44", "content": "#BugBountyTips of the Day\n#Bugbounty I just got a P2 Accepted on @GoogleVRP, RCE as root in a Google's acquisition, fingers crossed #infosec https://t.co/4eZXBUeXlw\n---\nAtlassian agreed to publicly disclose my report which resulted in CVE-2020-28914 against @katacontainers, and netted my second largest bounty ever! Thanks to @Atlassian and @Bugcrowd \ud83d\ude0e #BugBounty https://t.co/WsGayUzsqs\n---\nNew Video alert\ud83d\udea8! This week we're covering another type of API, GraphQL! GraphQL is a new tech so it's full of bugs, and actually really simple bugs\ud83d\ude2c. The difficult part of GQL is the syntax not the complex bugs, check it out! https://t.co/n0HxSMeVls #BugBounty #bugbountytips https://t.co/Lx9U4xiGG0\n---\nIt's released! galer \u2014 A fast tool to fetch URLs from HTML attributes by crawl-in. Inspired by the @omespino Tweet. See https://t.co/8AlV5FuGQ7 #go #golang #spider #crawler #bugbounty #bugbountytips\n---\nI'm very pleased to announce, that I have chosen as a @Hacker0x01 Ambassador. \ud83e\udd73\ud83d\ude07 Thank you so much for this wonderful opportunity HackerOne. #hackerone #bugbounty #infosec #togetherwehitharder", "creation_timestamp": "2020-12-03T13:37:04.000000Z"} https://vulnerability.circl.lu/sighting/3ac68471-1ab4-466e-9a05-14abc2ef1fc8/export Thu, 03 Dec 2020 13:37:04 +0000