Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Tue, 09 Jun 2026 22:37:05 +0000 c2dbeb10-81f7-41c0-949d-56147939207b https://vulnerability.circl.lu/sighting/c2dbeb10-81f7-41c0-949d-56147939207b/export {"uuid": "c2dbeb10-81f7-41c0-949d-56147939207b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28998", "type": "seen", "source": "https://t.me/cibsecurity/61394", "content": "\u203c CVE-2023-28998 \u203c\n\nThe Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.6.5, a malicious server administrator can gain full access to an end-to-end encrypted folder. They can decrypt files, recover the folder structure, and add new files.? Users should upgrade the Nextcloud Desktop client to 3.6.5 to receive a patch. No known workarounds are available.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-04T16:30:51.000000Z"} {"uuid": "c2dbeb10-81f7-41c0-949d-56147939207b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28998", "type": "seen", "source": "https://t.me/cibsecurity/61394", "content": "\u203c CVE-2023-28998 \u203c\n\nThe Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.6.5, a malicious server administrator can gain full access to an end-to-end encrypted folder. They can decrypt files, recover the folder structure, and add new files.? Users should upgrade the Nextcloud Desktop client to 3.6.5 to receive a patch. No known workarounds are available.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-04T16:30:51.000000Z"} https://vulnerability.circl.lu/sighting/c2dbeb10-81f7-41c0-949d-56147939207b/export Tue, 04 Apr 2023 16:30:51 +0000 3b111aa5-758a-4cbc-968f-9a792553f28c https://vulnerability.circl.lu/sighting/3b111aa5-758a-4cbc-968f-9a792553f28c/export {"uuid": "3b111aa5-758a-4cbc-968f-9a792553f28c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28997", "type": "seen", "source": "https://t.me/cibsecurity/61395", "content": "\u203c CVE-2023-28997 \u203c\n\nThe Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.6.5, a malicious server administrator can recover and modify the contents of end-to-end encrypted files. Users should upgrade the Nextcloud Desktop client to 3.6.5 to receive a patch. No known workarounds are available.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-04T16:30:52.000000Z"} {"uuid": "3b111aa5-758a-4cbc-968f-9a792553f28c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28997", "type": "seen", "source": "https://t.me/cibsecurity/61395", "content": "\u203c CVE-2023-28997 \u203c\n\nThe Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server. Starting with version 3.0.0 and prior to version 3.6.5, a malicious server administrator can recover and modify the contents of end-to-end encrypted files. Users should upgrade the Nextcloud Desktop client to 3.6.5 to receive a patch. No known workarounds are available.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-04T16:30:52.000000Z"} https://vulnerability.circl.lu/sighting/3b111aa5-758a-4cbc-968f-9a792553f28c/export Tue, 04 Apr 2023 16:30:52 +0000 f12153b9-ec53-4377-a3fc-909ecdd73e54 https://vulnerability.circl.lu/sighting/f12153b9-ec53-4377-a3fc-909ecdd73e54/export {"uuid": "f12153b9-ec53-4377-a3fc-909ecdd73e54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28999", "type": "seen", "source": "https://t.me/cibsecurity/61386", "content": "\u203c CVE-2023-28999 \u203c\n\nNextcloud is an open-source productivity platform. In Nextcloud Desktop client 3.0.0 until 3.8.0, Nextcloud Android app 3.13.0 until 3.25.0, and Nextcloud iOS app 3.0.5 until 4.8.0, a malicious server administrator can gain full access to an end-to-end encrypted folder. They can decrypt files, recover the folder structure and add new files.? This issue is fixed in Nextcloud Desktop 3.8.0, Nextcloud Android 3.25.0, and Nextcloud iOS 4.8.0. No known workarounds are available.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-06T06:02:40.000000Z"} {"uuid": "f12153b9-ec53-4377-a3fc-909ecdd73e54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28999", "type": "seen", "source": "https://t.me/cibsecurity/61386", "content": "\u203c CVE-2023-28999 \u203c\n\nNextcloud is an open-source productivity platform. In Nextcloud Desktop client 3.0.0 until 3.8.0, Nextcloud Android app 3.13.0 until 3.25.0, and Nextcloud iOS app 3.0.5 until 4.8.0, a malicious server administrator can gain full access to an end-to-end encrypted folder. They can decrypt files, recover the folder structure and add new files.? This issue is fixed in Nextcloud Desktop 3.8.0, Nextcloud Android 3.25.0, and Nextcloud iOS 4.8.0. No known workarounds are available.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-06T06:02:40.000000Z"} https://vulnerability.circl.lu/sighting/f12153b9-ec53-4377-a3fc-909ecdd73e54/export Thu, 06 Apr 2023 06:02:40 +0000 47c7b2af-4b75-47b3-8800-607b06a859d2 https://vulnerability.circl.lu/sighting/47c7b2af-4b75-47b3-8800-607b06a859d2/export {"uuid": "47c7b2af-4b75-47b3-8800-607b06a859d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28993", "type": "seen", "source": "https://t.me/cibsecurity/61666", "content": "\u203c CVE-2023-28993 \u203c\n\nUnauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio Scimone Albo Pretorio On Line plugin <= 4.6.1 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-07T16:28:07.000000Z"} {"uuid": "47c7b2af-4b75-47b3-8800-607b06a859d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28993", "type": "seen", "source": "https://t.me/cibsecurity/61666", "content": "\u203c CVE-2023-28993 \u203c\n\nUnauth. Reflected Cross-Site Scripting (XSS) vulnerability in Ignazio Scimone Albo Pretorio On Line plugin <= 4.6.1 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-07T16:28:07.000000Z"} https://vulnerability.circl.lu/sighting/47c7b2af-4b75-47b3-8800-607b06a859d2/export Fri, 07 Apr 2023 16:28:07 +0000 bf5ce210-b6bb-41ed-8604-54e6373863e6 https://vulnerability.circl.lu/sighting/bf5ce210-b6bb-41ed-8604-54e6373863e6/export {"uuid": "bf5ce210-b6bb-41ed-8604-54e6373863e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2899", "type": "seen", "source": "https://t.me/cibsecurity/65337", "content": "\u203c CVE-2023-2899 \u203c\n\nThe Google Map Shortcode WordPress plugin through 3.1.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-19T14:31:29.000000Z"} {"uuid": "bf5ce210-b6bb-41ed-8604-54e6373863e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2899", "type": "seen", "source": "https://t.me/cibsecurity/65337", "content": "\u203c CVE-2023-2899 \u203c\n\nThe Google Map Shortcode WordPress plugin through 3.1.2 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admin\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-19T14:31:29.000000Z"} https://vulnerability.circl.lu/sighting/bf5ce210-b6bb-41ed-8604-54e6373863e6/export Mon, 19 Jun 2023 14:31:29 +0000 bdeab305-01a2-405f-8f20-561046920d30 https://vulnerability.circl.lu/sighting/bdeab305-01a2-405f-8f20-561046920d30/export {"uuid": "bdeab305-01a2-405f-8f20-561046920d30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28994", "type": "seen", "source": "https://t.me/cibsecurity/69064", "content": "\u203c CVE-2023-28994 \u203c\n\nUnauth. Reflected Cross-Site Scripting (XSS) vulnerability in UX-themes Flatsome plugin <=\u00c2\u00a03.16.8 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-23T18:12:43.000000Z"} {"uuid": "bdeab305-01a2-405f-8f20-561046920d30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28994", "type": "seen", "source": "https://t.me/cibsecurity/69064", "content": "\u203c CVE-2023-28994 \u203c\n\nUnauth. Reflected Cross-Site Scripting (XSS) vulnerability in UX-themes Flatsome plugin <=\u00c2\u00a03.16.8 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-23T18:12:43.000000Z"} https://vulnerability.circl.lu/sighting/bdeab305-01a2-405f-8f20-561046920d30/export Wed, 23 Aug 2023 18:12:43 +0000 948dd7e0-80e4-432e-8c99-72ae7471f93e https://vulnerability.circl.lu/sighting/948dd7e0-80e4-432e-8c99-72ae7471f93e/export {"uuid": "948dd7e0-80e4-432e-8c99-72ae7471f93e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28990", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113646282910489753", "content": "", "creation_timestamp": "2024-12-13T15:44:20.241810Z"} {"uuid": "948dd7e0-80e4-432e-8c99-72ae7471f93e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28990", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113646282910489753", "content": "", "creation_timestamp": "2024-12-13T15:44:20.241810Z"} https://vulnerability.circl.lu/sighting/948dd7e0-80e4-432e-8c99-72ae7471f93e/export Fri, 13 Dec 2024 15:44:20 +0000