https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Fri, 08 May 2026 12:13:58 +0000 https://vulnerability.circl.lu/sighting/a9fc199f-b695-4d19-b879-1c90f2e71bef/export {"uuid": "a9fc199f-b695-4d19-b879-1c90f2e71bef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-33502", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113827355879730690", "content": "", "creation_timestamp": "2025-01-14T15:13:33.726870Z"} {"uuid": "a9fc199f-b695-4d19-b879-1c90f2e71bef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-33502", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113827355879730690", "content": "", "creation_timestamp": "2025-01-14T15:13:33.726870Z"} https://vulnerability.circl.lu/sighting/a9fc199f-b695-4d19-b879-1c90f2e71bef/export Tue, 14 Jan 2025 15:13:33 +0000 https://vulnerability.circl.lu/sighting/3c04bf6b-fb36-43f0-8c97-1f0c1d7b511a/export {"uuid": "3c04bf6b-fb36-43f0-8c97-1f0c1d7b511a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-33503", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1620", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-33503\n\ud83d\udd39 Description: A improper privilege management in Fortinet FortiManager version 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiAnalyzer version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14 allows attacker to escalation of privilege via specific shell commands\n\ud83d\udccf Published: 2025-01-14T14:09:33.613Z\n\ud83d\udccf Modified: 2025-01-14T20:54:57.869Z\n\ud83d\udd17 References:\n1. https://fortiguard.fortinet.com/psirt/FG-IR-24-127", "creation_timestamp": "2025-01-14T21:11:48.000000Z"} {"uuid": "3c04bf6b-fb36-43f0-8c97-1f0c1d7b511a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-33503", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1620", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-33503\n\ud83d\udd39 Description: A improper privilege management in Fortinet FortiManager version 7.4.0 through 7.4.3, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14, FortiAnalyzer version 7.4.0 through 7.4.2, 7.2.0 through 7.2.5, 7.0.0 through 7.0.12, 6.4.0 through 6.4.14 allows attacker to escalation of privilege via specific shell commands\n\ud83d\udccf Published: 2025-01-14T14:09:33.613Z\n\ud83d\udccf Modified: 2025-01-14T20:54:57.869Z\n\ud83d\udd17 References:\n1. https://fortiguard.fortinet.com/psirt/FG-IR-24-127", "creation_timestamp": "2025-01-14T21:11:48.000000Z"} https://vulnerability.circl.lu/sighting/3c04bf6b-fb36-43f0-8c97-1f0c1d7b511a/export Tue, 14 Jan 2025 21:11:48 +0000 https://vulnerability.circl.lu/sighting/e5fd1c59-f42c-413d-99d7-1f152b2ae7c7/export {"uuid": "e5fd1c59-f42c-413d-99d7-1f152b2ae7c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-33502", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1771", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-33502\n\ud83d\udd39 Description: An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager, FortiAnalyzer versions 7.4.0 through 7.4.2 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.12 and 6.4.0 through 6.4.14 and 6.2.0 through 6.2.12 and 6.0.0 through 6.0.12 allows attacker to execute unauthorized code or commands via crafted HTTP or HTTPs requests.\n\ud83d\udccf Published: 2025-01-14T14:09:50.493Z\n\ud83d\udccf Modified: 2025-01-15T14:54:27.861Z\n\ud83d\udd17 References:\n1. https://fortiguard.fortinet.com/psirt/FG-IR-24-143", "creation_timestamp": "2025-01-15T15:10:53.000000Z"} {"uuid": "e5fd1c59-f42c-413d-99d7-1f152b2ae7c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-33502", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1771", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-33502\n\ud83d\udd39 Description: An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet FortiManager, FortiAnalyzer versions 7.4.0 through 7.4.2 and 7.2.0 through 7.2.5 and 7.0.0 through 7.0.12 and 6.4.0 through 6.4.14 and 6.2.0 through 6.2.12 and 6.0.0 through 6.0.12 allows attacker to execute unauthorized code or commands via crafted HTTP or HTTPs requests.\n\ud83d\udccf Published: 2025-01-14T14:09:50.493Z\n\ud83d\udccf Modified: 2025-01-15T14:54:27.861Z\n\ud83d\udd17 References:\n1. https://fortiguard.fortinet.com/psirt/FG-IR-24-143", "creation_timestamp": "2025-01-15T15:10:53.000000Z"} https://vulnerability.circl.lu/sighting/e5fd1c59-f42c-413d-99d7-1f152b2ae7c7/export Wed, 15 Jan 2025 15:10:53 +0000 https://vulnerability.circl.lu/sighting/d4262a69-b9a0-4d1f-80cb-c393558ee4b6/export {"uuid": "d4262a69-b9a0-4d1f-80cb-c393558ee4b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-33504", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113986167652495803", "content": "", "creation_timestamp": "2025-02-11T16:21:28.825311Z"} {"uuid": "d4262a69-b9a0-4d1f-80cb-c393558ee4b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-33504", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113986167652495803", "content": "", "creation_timestamp": "2025-02-11T16:21:28.825311Z"} https://vulnerability.circl.lu/sighting/d4262a69-b9a0-4d1f-80cb-c393558ee4b6/export Tue, 11 Feb 2025 16:21:28 +0000 https://vulnerability.circl.lu/sighting/1fd5ea1c-5b1f-4a11-9ed3-450f7cd7b3e0/export {"uuid": "1fd5ea1c-5b1f-4a11-9ed3-450f7cd7b3e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-33504", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhw5xvumyc2z", "content": "", "creation_timestamp": "2025-02-11T17:16:20.331764Z"} {"uuid": "1fd5ea1c-5b1f-4a11-9ed3-450f7cd7b3e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-33504", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhw5xvumyc2z", "content": "", "creation_timestamp": "2025-02-11T17:16:20.331764Z"} https://vulnerability.circl.lu/sighting/1fd5ea1c-5b1f-4a11-9ed3-450f7cd7b3e0/export Tue, 11 Feb 2025 17:16:20 +0000 https://vulnerability.circl.lu/sighting/356db3a3-3c14-4467-a233-50259d3c9b00/export {"uuid": "356db3a3-3c14-4467-a233-50259d3c9b00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-33504", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113986497919466758", "content": "", "creation_timestamp": "2025-02-11T17:45:29.489103Z"} {"uuid": "356db3a3-3c14-4467-a233-50259d3c9b00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-33504", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113986497919466758", "content": "", "creation_timestamp": "2025-02-11T17:45:29.489103Z"} https://vulnerability.circl.lu/sighting/356db3a3-3c14-4467-a233-50259d3c9b00/export Tue, 11 Feb 2025 17:45:29 +0000 https://vulnerability.circl.lu/sighting/0b00d794-f322-45dc-b7cf-3d1c96b79c1e/export {"uuid": "0b00d794-f322-45dc-b7cf-3d1c96b79c1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-33504", "type": "seen", "source": "https://t.me/cvedetector/17727", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-33504 - FortiManager Hard-Coded Cryptographic Key Encryption Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-33504 \nPublished : Feb. 11, 2025, 5:15 p.m. | 58\u00a0minutes ago \nDescription : A use of hard-coded cryptographic key to encrypt sensitive data vulnerability [CWE-321] in FortiManager 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.9, 7.0 all versions, 6.4 all versions may allow an attacker with JSON API access permissions to decrypt some secrets even if the 'private-data-encryption' setting is enabled. \nSeverity: 4.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Feb 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-11T19:53:00.000000Z"} {"uuid": "0b00d794-f322-45dc-b7cf-3d1c96b79c1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-33504", "type": "seen", "source": "https://t.me/cvedetector/17727", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-33504 - FortiManager Hard-Coded Cryptographic Key Encryption Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-33504 \nPublished : Feb. 11, 2025, 5:15 p.m. | 58\u00a0minutes ago \nDescription : A use of hard-coded cryptographic key to encrypt sensitive data vulnerability [CWE-321] in FortiManager 7.6.0 through 7.6.1, 7.4.0 through 7.4.5, 7.2.0 through 7.2.9, 7.0 all versions, 6.4 all versions may allow an attacker with JSON API access permissions to decrypt some secrets even if the 'private-data-encryption' setting is enabled. \nSeverity: 4.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Feb 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-11T19:53:00.000000Z"} https://vulnerability.circl.lu/sighting/0b00d794-f322-45dc-b7cf-3d1c96b79c1e/export Tue, 11 Feb 2025 19:53:00 +0000 https://vulnerability.circl.lu/sighting/8d6e8374-6bd5-4e52-83c9-e04f5cd61996/export {"uuid": "8d6e8374-6bd5-4e52-83c9-e04f5cd61996", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3350", "type": "seen", "source": "Telegram/NHaetfsXAWV-ysWI7vilrQ9aDE5s__50AtKYNE4LkPBHHHYk", "content": "", "creation_timestamp": "2025-02-14T10:01:40.000000Z"} {"uuid": "8d6e8374-6bd5-4e52-83c9-e04f5cd61996", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3350", "type": "seen", "source": "Telegram/NHaetfsXAWV-ysWI7vilrQ9aDE5s__50AtKYNE4LkPBHHHYk", "content": "", "creation_timestamp": "2025-02-14T10:01:40.000000Z"} https://vulnerability.circl.lu/sighting/8d6e8374-6bd5-4e52-83c9-e04f5cd61996/export Fri, 14 Feb 2025 10:01:40 +0000 https://vulnerability.circl.lu/sighting/4a5d7309-d4ac-4b36-b407-9c1342fd5def/export {"uuid": "4a5d7309-d4ac-4b36-b407-9c1342fd5def", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-33501", "type": "seen", "source": "https://t.me/cvedetector/20101", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-33501 - Fortinet FortiAnalyzer/FortiManager/FortiAnalyzer-BigData SQL Injection\", \n \"Content\": \"CVE ID : CVE-2024-33501 \nPublished : March 11, 2025, 3:15 p.m. | 1\u00a0hour ago \nDescription : Two improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5, FortiManager version 7.4.0 through 7.4.2 and before 7.2.5 and FortiAnalyzer-BigData version 7.4.0 and before 7.2.7 allows a privileged attacker\u00a0to execute unauthorized code or commands via specifically crafted CLI requests. \nSeverity: 4.2 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-11T17:37:51.000000Z"} {"uuid": "4a5d7309-d4ac-4b36-b407-9c1342fd5def", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-33501", "type": "seen", "source": "https://t.me/cvedetector/20101", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-33501 - Fortinet FortiAnalyzer/FortiManager/FortiAnalyzer-BigData SQL Injection\", \n \"Content\": \"CVE ID : CVE-2024-33501 \nPublished : March 11, 2025, 3:15 p.m. | 1\u00a0hour ago \nDescription : Two improper neutralization of special elements used in an SQL Command ('SQL Injection') vulnerability [CWE-89] in Fortinet FortiAnalyzer version 7.4.0 through 7.4.2 and before 7.2.5, FortiManager version 7.4.0 through 7.4.2 and before 7.2.5 and FortiAnalyzer-BigData version 7.4.0 and before 7.2.7 allows a privileged attacker\u00a0to execute unauthorized code or commands via specifically crafted CLI requests. \nSeverity: 4.2 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"11 Mar 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-11T17:37:51.000000Z"} https://vulnerability.circl.lu/sighting/4a5d7309-d4ac-4b36-b407-9c1342fd5def/export Tue, 11 Mar 2025 17:37:51 +0000 https://vulnerability.circl.lu/sighting/00f6ae93-ce2f-41f0-b90c-331f72e27c2b/export {"uuid": "00f6ae93-ce2f-41f0-b90c-331f72e27c2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-33501", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-8eaa21ec-de6847694340d6ba", "content": "", "creation_timestamp": "2025-03-14T07:37:36.232765Z"} {"uuid": "00f6ae93-ce2f-41f0-b90c-331f72e27c2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-33501", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-8eaa21ec-de6847694340d6ba", "content": "", "creation_timestamp": "2025-03-14T07:37:36.232765Z"} https://vulnerability.circl.lu/sighting/00f6ae93-ce2f-41f0-b90c-331f72e27c2b/export Fri, 14 Mar 2025 07:37:36 +0000