https://vulnerability.circl.lu/sightings/feed 2026-06-24T04:30:34.390772+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/5d44b0b1-1464-4b9e-8894-44d0bfc4fb82/export 2026-06-24T04:30:34.410218+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "5d44b0b1-1464-4b9e-8894-44d0bfc4fb82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "published-proof-of-concept", "source": "https://t.me/GhostsForum/21852", "content": "Tools - Hackers Factory\n\nA Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hidden elements and enable disabled elements. \n\nhttps://github.com/xnl-h4ck3r/XnlReveal\n\nBurp Extension to find potential endpoints, parameters, and generate a custom target wordlist \n\nhttps://github.com/xnl-h4ck3r/GAP-Burp-Extension\n\nFinds graphql queries in javascript files \n\nhttps://github.com/xssdoctor/graphqlMaker\n\nApache HugeGraph Server RCE Scanner ( CVE-2024-27348 ) \n\nhttps://github.com/Zeyad-Azima/CVE-2024-27348\n\nUnauthenticated Remote Code Execution \u2013 Bricks <= 1.9.6 \n\nhttps://github.com/Chocapikk/CVE-2024-25600\n\nA good collection with browser exploit CTF challenges. Please feel free to share if there is additional. Thank you all.\n\nhttps://github.com/exd0tpy/CTF-browser-challenges?tab=readme-ov-file\n\nhttps://github.com/m1ghtym0/browser-pwn\n\nhttps://github.com/De4dCr0w/Browser-pwn\n\nOracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability \n\nhttps://github.com/mansk1es/CVE-2024-21111\n\nA Hex Editor for Reverse Engineers, Programmers\n\nhttps://github.com/WerWolv/ImHex\n\nLocal & remote Windows DLL Proxying \n\nhttps://github.com/synacktiv/DLHell\n\n#HackersFactory", "creation_timestamp": "2024-06-05T10:50:19.000000Z"} 2024-06-05T10:50:19+00:00 https://vulnerability.circl.lu/sighting/d0bb19ae-5264-4261-a245-95e26df14a43/export 2026-06-24T04:30:34.410050+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "d0bb19ae-5264-4261-a245-95e26df14a43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/166", "content": "Tools - Hackers Factory\n\nA Chrome/Firefox browser extension to show alerts for reflected query params, show Wayback archive links for the current path, show hidden elements and enable disabled elements. \n\nhttps://github.com/xnl-h4ck3r/XnlReveal\n\nBurp Extension to find potential endpoints, parameters, and generate a custom target wordlist \n\nhttps://github.com/xnl-h4ck3r/GAP-Burp-Extension\n\nFinds graphql queries in javascript files \n\nhttps://github.com/xssdoctor/graphqlMaker\n\nApache HugeGraph Server RCE Scanner ( CVE-2024-27348 ) \n\nhttps://github.com/Zeyad-Azima/CVE-2024-27348\n\nUnauthenticated Remote Code Execution \u2013 Bricks <= 1.9.6 \n\nhttps://github.com/Chocapikk/CVE-2024-25600\n\nA good collection with browser exploit CTF challenges. Please feel free to share if there is additional. Thank you all.\n\nhttps://github.com/exd0tpy/CTF-browser-challenges?tab=readme-ov-file\n\nhttps://github.com/m1ghtym0/browser-pwn\n\nhttps://github.com/De4dCr0w/Browser-pwn\n\nOracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability \n\nhttps://github.com/mansk1es/CVE-2024-21111\n\nA Hex Editor for Reverse Engineers, Programmers\n\nhttps://github.com/WerWolv/ImHex\n\nLocal & remote Windows DLL Proxying \n\nhttps://github.com/synacktiv/DLHell\n\n#HackersFactory", "creation_timestamp": "2024-06-17T14:09:47.000000Z"} 2024-06-17T14:09:47+00:00 https://vulnerability.circl.lu/sighting/fde819bc-62f8-43d7-b055-a5273ca42069/export 2026-06-24T04:30:34.409896+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "fde819bc-62f8-43d7-b055-a5273ca42069", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "published-proof-of-concept", "source": "Telegram/jxCPEumYEvGWSe9nODKLv4wXiEkcSQNbm4EhUstBgqbc7Bol", "content": "", "creation_timestamp": "2024-07-28T18:50:39.000000Z"} 2024-07-28T18:50:39+00:00 https://vulnerability.circl.lu/sighting/96896e5c-30ce-480a-a4cc-57a691e08d75/export 2026-06-24T04:30:34.409698+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "96896e5c-30ce-480a-a4cc-57a691e08d75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "published-proof-of-concept", "source": "https://t.me/ckeArsenal/96", "content": "https://github.com/mansk1es/CVE-2024-21111\n\nOracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability\n#github #\u63d0\u6743", "creation_timestamp": "2024-12-21T15:48:34.000000Z"} 2024-12-21T15:48:34+00:00 https://vulnerability.circl.lu/sighting/b50f2981-c4fd-4d50-86a4-cc7d64f619c0/export 2026-06-24T04:30:34.409480+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "b50f2981-c4fd-4d50-86a4-cc7d64f619c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "seen", "source": "https://t.me/S_E_Reborn/5335", "content": "\u0412\u0441\u0435\u043c \u043f\u0440\u0438\u0432\u0435\u0442! \n\n\u041f\u043e\u043c\u0438\u043c\u043e \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0445 \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u043e\u0432 Windows, \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043c\u043e\u0433\u0443\u0442 \u0440\u0430\u0431\u043e\u0442\u0430\u0442\u044c \u0441\u043b\u0443\u0436\u0431\u044b \u043e\u0442 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0445 \u043f\u043e\u0441\u0442\u0430\u0432\u0449\u0438\u043a\u043e\u0432: \u0441\u0438\u0441\u0442\u0435\u043c\u044b \u0441\u043b\u0435\u0436\u0435\u043d\u0438\u044f, \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0438, \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f, \u0438\u0433\u0440\u0443\u0448\u043a\u0438. \u0412 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u0441\u0432\u043e\u0435\u043c \u043e\u043d\u0438 \u0442\u0430\u043a\u0436\u0435 \u043f\u0440\u0435\u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u044e\u0442 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c, \u0440\u0430\u0431\u043e\u0442\u0430\u044f \u043e\u0442 \u043b\u0438\u0446\u0430 NT AUTHORITY\\SYSTEM. \n\n\u041f\u0440\u0438\u0447\u0435\u043c, \u043a\u0430\u043a \u044f \u043f\u043e\u043d\u0438\u043c\u0430\u044e, \u043f\u043e\u0434\u043e\u0431\u043d\u044b\u0435 \u0441\u043b\u0443\u0436\u0431\u044b \u043e\u0431\u043d\u043e\u0432\u043b\u044f\u0442\u044c\u0441\u044f \u0434\u043e\u043b\u0436\u043d\u044b \u0441\u0430\u043c\u043e\u0441\u0442\u043e\u044f\u0442\u0435\u043b\u044c\u043d\u043e \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u0441\u043e\u043e\u0442\u0432\u0435\u0442\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u0433\u043e \u0444\u0438\u0440\u043c\u0435\u043d\u043d\u043e\u0433\u043e \u041f\u041e, \u0447\u0442\u043e \u0443\u0441\u043b\u043e\u0436\u043d\u044f\u0435\u0442 \u043f\u0440\u043e\u0446\u0435\u0441\u0441 \u0443\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u0438 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u0434\u0430\u0435\u0442 \u043d\u0430\u043c \u0435\u0449\u0435 \u043e\u0434\u0438\u043d \u0432\u0435\u043a\u0442\u043e\u0440 \u043f\u043e\u0432\u044b\u0448\u0435\u043d\u0438\u044f \u043f\u0440\u0438\u0432\u0438\u043b\u0435\u0433\u0438\u0439. \n\n\u0415\u0441\u0442\u044c \u0434\u043e\u0441\u0442\u0430\u0442\u043e\u0447\u043d\u043e \u043c\u043d\u043e\u0433\u043e \u0441\u043f\u043e\u0441\u043e\u0431\u043e\u0432 \u0441\u0431\u043e\u0440\u0430 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u043e \u041f\u041e \u043d\u0430 \u0441\u0438\u0441\u0442\u0435\u043c\u0435:\n# \u0418\u0437\u0432\u043b\u0435\u0447\u0435\u043d\u0438\u0435 \u0438\u0437 \u0440\u0435\u0435\u0441\u0442\u0440\u0430\nGet-ChildItem \"HKLM:\\SOFTWARE\\Wow6432Node\\Microsoft\\Windows\\CurrentVersion\\Uninstall\" | Get-ItemProperty | Where-Object {$_.DisplayName -ne $null} | Select-Object DisplayName, DisplayVersion, Publisher, InstallDate\n\n# wmi\nwmic product get name,version,vendor \n\n# Seatbelt\n.\\SeatBelt.exe InstalledProducts\n\n\u0425\u043e\u0447\u0443 \u043f\u043e\u0434\u0435\u043b\u0438\u0442\u044c\u0441\u044f \u0441 \u0432\u0430\u043c\u0438 \u043d\u0435\u0431\u043e\u043b\u044c\u0448\u0438\u043c \u0441\u043f\u0438\u0441\u043e\u0447\u043a\u043e\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0445 \u0441\u043b\u0443\u0436\u0431, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043c\u043e\u0433\u0443\u0442 \u043f\u043e\u043c\u043e\u0447\u044c \u0432\u0437\u044f\u0442\u044c \u0441\u0438\u0441\u0442\u0435\u043c\u0443 \u043d\u0430 \u043a\u043e\u043d\u0435\u0447\u043d\u043e\u0439 \u0442\u0430\u0447\u043a\u0435. \u041e\u0434\u043d\u043e\u0437\u043d\u0430\u0447\u043d\u043e \u043d\u0443\u0436\u043d\u043e \u0438\u043d\u0442\u0435\u0433\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u044d\u0442\u043e\u0442 \u0441\u043f\u0438\u0441\u043e\u043a \u0432 \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0439 Exploit-Street, \u043d\u043e \u044f \u0447\u0442\u043e-\u0442\u043e \u043d\u0435 \u043c\u043e\u0433\u0443 \u043f\u0440\u0438\u0434\u0443\u043c\u0430\u0442\u044c \u043a\u0430\u043a. \u041c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0443 \u0432\u0430\u0441 \u0435\u0441\u0442\u044c \u0438\u0434\u0435\u0438?\n\nManageEngine ServiceDesk\n- https://github.com/horizon3ai/CVE-2021-44077\n\nManageEngine ADSelfService\n- https://github.com/synacktiv/CVE-2021-40539\n- CVE-2022-47966\n- CVE-XXXX-XXXX (\u0441 \u0432\u0435\u0440\u0441\u0438\u0438 ADSelfService Plus 4.2.9, 2012 \u0438 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 6.3 Build 6301)\n\nUserManager\n- CVE-2023-36047\n\nITunes\n- CVE-2024-44193\n\nRazer ( \u0434\u043e 3.7.1209.121307)\n- RazerEoP\n\nDatacard XPS Card Printer Driver \n- CVE-2024-34329\n\nAppGate\n- CVE-2019-19793\n\nSeagate\n- CVE-2022-40286\n\nAWS VPN Client\n- CVE-2022-25165\n\nAIDA (\u0443\u044f\u0437\u0432\u0438\u043c\u044b \u0432\u0435\u0440\u0441\u0438\u0438 \u043d\u0438\u0436\u0435 7.00.6742)\n- AIDA64DRIVER-EOP\n\nVboxSDS\n- CVE-2024-21111\n\nTeamViewer\n- CVE-2024-7479 CVE-2024-7481\n\nGamingService \u043e\u0442 XBOX\n- GamingServiceEoP\n- GamingServiceEoP5\n\nChrome Updater\n- CVE-2023-7261\n\nPlantronics Desktop Hub\n- CVE-2024-27460", "creation_timestamp": "2024-12-26T13:38:29.000000Z"} 2024-12-26T13:38:29+00:00 https://vulnerability.circl.lu/sighting/75517c4f-6484-4964-b85b-14bfdd8d198f/export 2026-06-24T04:30:34.409317+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "75517c4f-6484-4964-b85b-14bfdd8d198f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21116", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8104", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-21116\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Linux hosts only. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).\n\ud83d\udccf Published: 2024-04-16T21:26:37.525Z\n\ud83d\udccf Modified: 2025-03-19T18:02:31.359Z\n\ud83d\udd17 References:\n1. https://www.oracle.com/security-alerts/cpuapr2024.html", "creation_timestamp": "2025-03-19T18:19:19.000000Z"} 2025-03-19T18:19:19+00:00 https://vulnerability.circl.lu/sighting/a1331414-7208-4f70-a9e4-15ba9cb2be60/export 2026-06-24T04:30:34.409151+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "a1331414-7208-4f70-a9e4-15ba9cb2be60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9201", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-21111\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Windows hosts only. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).\n\ud83d\udccf Published: 2024-04-16T21:26:35.907Z\n\ud83d\udccf Modified: 2025-03-27T20:11:49.887Z\n\ud83d\udd17 References:\n1. https://www.oracle.com/security-alerts/cpuapr2024.html", "creation_timestamp": "2025-03-27T20:27:19.000000Z"} 2025-03-27T20:27:19+00:00 https://vulnerability.circl.lu/sighting/4cb3e3ba-9f96-4084-b96e-2e62d2ab4673/export 2026-06-24T04:30:34.408990+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "4cb3e3ba-9f96-4084-b96e-2e62d2ab4673", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21113", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-25-257/", "content": "", "creation_timestamp": "2025-04-30T03:00:00.000000Z"} 2025-04-30T03:00:00+00:00 https://vulnerability.circl.lu/sighting/42d54455-cecd-44eb-9ed2-7dd3779f9439/export 2026-06-24T04:30:34.408784+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "42d54455-cecd-44eb-9ed2-7dd3779f9439", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3loqkfdcazb2x", "content": "", "creation_timestamp": "2025-05-09T13:38:59.441924Z"} 2025-05-09T13:38:59.441924+00:00 https://vulnerability.circl.lu/sighting/be75878b-a1c3-40c6-a754-99dfbcc5c9b8/export 2026-06-24T04:30:34.406772+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "be75878b-a1c3-40c6-a754-99dfbcc5c9b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21111", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lottmvh44p2l", "content": "", "creation_timestamp": "2025-05-10T21:02:15.536457Z"} 2025-05-10T21:02:15.536457+00:00