Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 24 Jun 2026 14:24:25 +0000 74553d05-1866-4284-ab89-df70d550fed4 https://vulnerability.circl.lu/sighting/74553d05-1866-4284-ab89-df70d550fed4/export {"uuid": "74553d05-1866-4284-ab89-df70d550fed4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27645", "type": "seen", "source": "https://t.me/cibsecurity/61862", "content": "\u203c CVE-2023-27645 \u203c\n\nAn issue found in POWERAMP audioplayer build 925 bundle play and build 954 allows a remote attacker to gain privileges via the reverb and EQ preset parameters.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-11T16:23:23.000000Z"} {"uuid": "74553d05-1866-4284-ab89-df70d550fed4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27645", "type": "seen", "source": "https://t.me/cibsecurity/61862", "content": "\u203c CVE-2023-27645 \u203c\n\nAn issue found in POWERAMP audioplayer build 925 bundle play and build 954 allows a remote attacker to gain privileges via the reverb and EQ preset parameters.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-11T16:23:23.000000Z"} https://vulnerability.circl.lu/sighting/74553d05-1866-4284-ab89-df70d550fed4/export Tue, 11 Apr 2023 16:23:23 +0000 026c4f63-4627-4208-8e15-6dfa8d66df01 https://vulnerability.circl.lu/sighting/026c4f63-4627-4208-8e15-6dfa8d66df01/export {"uuid": "026c4f63-4627-4208-8e15-6dfa8d66df01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27643", "type": "seen", "source": "https://t.me/cibsecurity/62123", "content": "\u203c CVE-2023-27643 \u203c\n\nAn issue found in POWERAMP 925-bundle-play and Poweramp 954-uni allows a remote attacker to cause a denial of service via the Rescan button in Queue and Select Folders button in Library\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-14T16:25:47.000000Z"} {"uuid": "026c4f63-4627-4208-8e15-6dfa8d66df01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27643", "type": "seen", "source": "https://t.me/cibsecurity/62123", "content": "\u203c CVE-2023-27643 \u203c\n\nAn issue found in POWERAMP 925-bundle-play and Poweramp 954-uni allows a remote attacker to cause a denial of service via the Rescan button in Queue and Select Folders button in Library\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-14T16:25:47.000000Z"} https://vulnerability.circl.lu/sighting/026c4f63-4627-4208-8e15-6dfa8d66df01/export Fri, 14 Apr 2023 16:25:47 +0000 94e7f8c4-61cb-450d-8988-fde7933f175c https://vulnerability.circl.lu/sighting/94e7f8c4-61cb-450d-8988-fde7933f175c/export {"uuid": "94e7f8c4-61cb-450d-8988-fde7933f175c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27649", "type": "seen", "source": "https://t.me/cibsecurity/62126", "content": "\u203c CVE-2023-27649 \u203c\n\nSQL injection vulnerability found in Trusted Tools Free Music v.2.1.0.47, v.2.0.0.46, v.1.9.1.45, v.1.8.2.43 allows a remote attacker to cause a denial of service via the search history table\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-14T16:25:49.000000Z"} {"uuid": "94e7f8c4-61cb-450d-8988-fde7933f175c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27649", "type": "seen", "source": "https://t.me/cibsecurity/62126", "content": "\u203c CVE-2023-27649 \u203c\n\nSQL injection vulnerability found in Trusted Tools Free Music v.2.1.0.47, v.2.0.0.46, v.1.9.1.45, v.1.8.2.43 allows a remote attacker to cause a denial of service via the search history table\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-14T16:25:49.000000Z"} https://vulnerability.circl.lu/sighting/94e7f8c4-61cb-450d-8988-fde7933f175c/export Fri, 14 Apr 2023 16:25:49 +0000 1964ce30-a1ac-40a5-a24f-defbc85711b4 https://vulnerability.circl.lu/sighting/1964ce30-a1ac-40a5-a24f-defbc85711b4/export {"uuid": "1964ce30-a1ac-40a5-a24f-defbc85711b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27648", "type": "seen", "source": "https://t.me/cibsecurity/62134", "content": "\u203c CVE-2023-27648 \u203c\n\nDirectory Traversal vulnerability found in T-ME Studios Change Color of Keypad v.1.275.1.277 allows a remote attacker to execute arbitrary code via the dex file in the internal storage.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-14T16:26:02.000000Z"} {"uuid": "1964ce30-a1ac-40a5-a24f-defbc85711b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27648", "type": "seen", "source": "https://t.me/cibsecurity/62134", "content": "\u203c CVE-2023-27648 \u203c\n\nDirectory Traversal vulnerability found in T-ME Studios Change Color of Keypad v.1.275.1.277 allows a remote attacker to execute arbitrary code via the dex file in the internal storage.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-14T16:26:02.000000Z"} https://vulnerability.circl.lu/sighting/1964ce30-a1ac-40a5-a24f-defbc85711b4/export Fri, 14 Apr 2023 16:26:02 +0000 441dc4b3-b2a7-4106-936f-166c9e8000a8 https://vulnerability.circl.lu/sighting/441dc4b3-b2a7-4106-936f-166c9e8000a8/export {"uuid": "441dc4b3-b2a7-4106-936f-166c9e8000a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27647", "type": "seen", "source": "https://t.me/cibsecurity/62193", "content": "\u203c CVE-2023-27647 \u203c\n\nAn issue found in DUALSPACE Lock Master v.2.2.4 allows a local attacker to cause a denial of service or gain sensitive information via the com.ludashi.superlock.util.pref.SharedPrefProviderEntryMethod: insert of the android.net.Uri.insert method.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-15T00:26:18.000000Z"} {"uuid": "441dc4b3-b2a7-4106-936f-166c9e8000a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27647", "type": "seen", "source": "https://t.me/cibsecurity/62193", "content": "\u203c CVE-2023-27647 \u203c\n\nAn issue found in DUALSPACE Lock Master v.2.2.4 allows a local attacker to cause a denial of service or gain sensitive information via the com.ludashi.superlock.util.pref.SharedPrefProviderEntryMethod: insert of the android.net.Uri.insert method.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-15T00:26:18.000000Z"} https://vulnerability.circl.lu/sighting/441dc4b3-b2a7-4106-936f-166c9e8000a8/export Sat, 15 Apr 2023 00:26:18 +0000 a68a00eb-63ea-4b73-8ecd-12b39d2d3eac https://vulnerability.circl.lu/sighting/a68a00eb-63ea-4b73-8ecd-12b39d2d3eac/export {"uuid": "a68a00eb-63ea-4b73-8ecd-12b39d2d3eac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27640", "type": "exploited", "source": "https://t.me/DarkWebInformer_CVEAlerts/834", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-27640\n\ud83d\udd39 Description: An issue was discovered in the tshirtecommerce (aka Custom Product Designer) component 2.1.4 for PrestaShop. An HTTP request can be forged with the POST parameter type in the /tshirtecommerce/fonts.php endpoint, to allow a remote attacker to traverse directories on the system in order to open files (without restriction on the extension and path). The content of the file is returned with base64 encoding. This is exploited in the wild in March 2023.\n\ud83d\udccf Published: 2023-06-01T00:00:00\n\ud83d\udccf Modified: 2025-01-08T20:58:57.837Z\n\ud83d\udd17 References:\n1. https://friends-of-presta.github.io/security-advisories/module/2023/03/30/tshirtecommerce_cwe-22.html", "creation_timestamp": "2025-01-08T21:13:28.000000Z"} {"uuid": "a68a00eb-63ea-4b73-8ecd-12b39d2d3eac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27640", "type": "exploited", "source": "https://t.me/DarkWebInformer_CVEAlerts/834", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-27640\n\ud83d\udd39 Description: An issue was discovered in the tshirtecommerce (aka Custom Product Designer) component 2.1.4 for PrestaShop. An HTTP request can be forged with the POST parameter type in the /tshirtecommerce/fonts.php endpoint, to allow a remote attacker to traverse directories on the system in order to open files (without restriction on the extension and path). The content of the file is returned with base64 encoding. This is exploited in the wild in March 2023.\n\ud83d\udccf Published: 2023-06-01T00:00:00\n\ud83d\udccf Modified: 2025-01-08T20:58:57.837Z\n\ud83d\udd17 References:\n1. https://friends-of-presta.github.io/security-advisories/module/2023/03/30/tshirtecommerce_cwe-22.html", "creation_timestamp": "2025-01-08T21:13:28.000000Z"} https://vulnerability.circl.lu/sighting/a68a00eb-63ea-4b73-8ecd-12b39d2d3eac/export Wed, 08 Jan 2025 21:13:28 +0000 ec8a9e01-8cba-4aa9-a281-0a71089efb80 https://vulnerability.circl.lu/sighting/ec8a9e01-8cba-4aa9-a281-0a71089efb80/export {"uuid": "ec8a9e01-8cba-4aa9-a281-0a71089efb80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27645", "type": "seen", "source": "Telegram/N_SkSgVEwnMSF5jFGjNpW86GU7OPY28X_MmeX0wCEbvMm1XJ", "content": "", "creation_timestamp": "2025-02-14T10:00:36.000000Z"} {"uuid": "ec8a9e01-8cba-4aa9-a281-0a71089efb80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27645", "type": "seen", "source": "Telegram/N_SkSgVEwnMSF5jFGjNpW86GU7OPY28X_MmeX0wCEbvMm1XJ", "content": "", "creation_timestamp": "2025-02-14T10:00:36.000000Z"} https://vulnerability.circl.lu/sighting/ec8a9e01-8cba-4aa9-a281-0a71089efb80/export Fri, 14 Feb 2025 10:00:36 +0000 106a65c1-6bb4-4747-8643-7dda167c5155 https://vulnerability.circl.lu/sighting/106a65c1-6bb4-4747-8643-7dda167c5155/export {"uuid": "106a65c1-6bb4-4747-8643-7dda167c5155", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27640", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/c24fec1d-a5b5-44b9-8a2b-46a73fb1d8d0", "content": "", "creation_timestamp": "2026-06-19T12:46:54.207627Z"} {"uuid": "106a65c1-6bb4-4747-8643-7dda167c5155", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27640", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/c24fec1d-a5b5-44b9-8a2b-46a73fb1d8d0", "content": "", "creation_timestamp": "2026-06-19T12:46:54.207627Z"} https://vulnerability.circl.lu/sighting/106a65c1-6bb4-4747-8643-7dda167c5155/export Fri, 19 Jun 2026 12:46:54 +0000 8646f6d2-f230-4c6d-bc83-ad794ea97a14 https://vulnerability.circl.lu/sighting/8646f6d2-f230-4c6d-bc83-ad794ea97a14/export {"uuid": "8646f6d2-f230-4c6d-bc83-ad794ea97a14", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27640", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/d0375952-fbc9-4919-b27c-20f30ba7cadc", "content": "", "creation_timestamp": "2026-06-23T14:04:05.114410Z"} {"uuid": "8646f6d2-f230-4c6d-bc83-ad794ea97a14", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27640", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/d0375952-fbc9-4919-b27c-20f30ba7cadc", "content": "", "creation_timestamp": "2026-06-23T14:04:05.114410Z"} https://vulnerability.circl.lu/sighting/8646f6d2-f230-4c6d-bc83-ad794ea97a14/export Tue, 23 Jun 2026 14:04:05 +0000