https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 22 Jun 2026 21:50:40 +0000 https://vulnerability.circl.lu/sighting/97f9aaa0-ff75-47fb-8cbd-db71234d86e7/export {"uuid": "97f9aaa0-ff75-47fb-8cbd-db71234d86e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27464", "type": "seen", "source": "https://t.me/cibsecurity/61841", "content": "\u203c CVE-2023-27464 \u203c\n\nA vulnerability has been identified in Mendix Forgot Password (Mendix 7 compatible) (All versions < V3.7.1), Mendix Forgot Password (Mendix 8 compatible) (All versions < V4.1.1), Mendix Forgot Password (Mendix 9 compatible) (All versions < V5.1.1). The affected versions of the module contain an observable response discrepancy issue that could allow an attacker to retrieve sensitive information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-11T14:23:19.000000Z"} {"uuid": "97f9aaa0-ff75-47fb-8cbd-db71234d86e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27464", "type": "seen", "source": "https://t.me/cibsecurity/61841", "content": "\u203c CVE-2023-27464 \u203c\n\nA vulnerability has been identified in Mendix Forgot Password (Mendix 7 compatible) (All versions < V3.7.1), Mendix Forgot Password (Mendix 8 compatible) (All versions < V4.1.1), Mendix Forgot Password (Mendix 9 compatible) (All versions < V5.1.1). The affected versions of the module contain an observable response discrepancy issue that could allow an attacker to retrieve sensitive information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-11T14:23:19.000000Z"} https://vulnerability.circl.lu/sighting/97f9aaa0-ff75-47fb-8cbd-db71234d86e7/export Tue, 11 Apr 2023 14:23:19 +0000 https://vulnerability.circl.lu/sighting/c1634684-31fd-4497-816e-b0ab4474d35c/export {"uuid": "c1634684-31fd-4497-816e-b0ab4474d35c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27469", "type": "seen", "source": "https://t.me/cibsecurity/65827", "content": "\u203c CVE-2023-27469 \u203c\n\nMalwarebytes Anti-Exploit 4.4.0.220 is vulnerable to arbitrary file deletion and denial of service via an ALPC message in which FullFileNamePath lacks a '\\0' character.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-01T00:15:22.000000Z"} {"uuid": "c1634684-31fd-4497-816e-b0ab4474d35c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27469", "type": "seen", "source": "https://t.me/cibsecurity/65827", "content": "\u203c CVE-2023-27469 \u203c\n\nMalwarebytes Anti-Exploit 4.4.0.220 is vulnerable to arbitrary file deletion and denial of service via an ALPC message in which FullFileNamePath lacks a '\\0' character.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-01T00:15:22.000000Z"} https://vulnerability.circl.lu/sighting/c1634684-31fd-4497-816e-b0ab4474d35c/export Sat, 01 Jul 2023 00:15:22 +0000 https://vulnerability.circl.lu/sighting/9e9c40c9-33ec-41bc-ad72-cf2ad801fe7b/export {"uuid": "9e9c40c9-33ec-41bc-ad72-cf2ad801fe7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2746", "type": "seen", "source": "https://t.me/cibsecurity/66389", "content": "\u203c CVE-2023-2746 \u203c\n\nThe Rockwell Automation Enhanced HIM software contains an API that the application uses that is not protected sufficiently and uses incorrect Cross-Origin Resource Sharing (CORS) settings and, as a result, is vulnerable to a Cross Site Request Forgery (CSRF) attack. To exploit this vulnerability, a malicious user would have to convince a user to click on an untrusted link through a social engineering attack or successfully perform a Cross Site Scripting Attack (XSS). Exploitation of a CSRF could potentially lead to sensitive information disclosure and full remote access to the affected products.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-11T18:29:41.000000Z"} {"uuid": "9e9c40c9-33ec-41bc-ad72-cf2ad801fe7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2746", "type": "seen", "source": "https://t.me/cibsecurity/66389", "content": "\u203c CVE-2023-2746 \u203c\n\nThe Rockwell Automation Enhanced HIM software contains an API that the application uses that is not protected sufficiently and uses incorrect Cross-Origin Resource Sharing (CORS) settings and, as a result, is vulnerable to a Cross Site Request Forgery (CSRF) attack. To exploit this vulnerability, a malicious user would have to convince a user to click on an untrusted link through a social engineering attack or successfully perform a Cross Site Scripting Attack (XSS). Exploitation of a CSRF could potentially lead to sensitive information disclosure and full remote access to the affected products.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-11T18:29:41.000000Z"} https://vulnerability.circl.lu/sighting/9e9c40c9-33ec-41bc-ad72-cf2ad801fe7b/export Tue, 11 Jul 2023 18:29:41 +0000